SAP Basis Administration
Fiori Permissions for tile groups in PFCG
SAP Basis is a middleware tool for applications, operating system and database. The SAP Basis consultant should be able to perform the following tasks.
In the SAP Business Objects environment, you can extend the control of permissions using the CMC tab configuration. The tab configuration allows you to easily show or hide specific tabs for users or groups. Enable CMC Tab Configuration By default, the CMC Tab Configuration feature is set to "Don't Limit" and is disabled. For you to be able to use the tab configuration at all, you will need to enable it for now. Note: If you enable the tab configuration, all users that are not under the default Administrators group will not see tabs for the time being. This is because access is denied by default through the CMC tab configuration. Therefore, once enabled, you must maintain tabs for all existing groups. Therefore, make sure you have an account associated with the Administrators Group! To do this, go to Applications, right-click Central Management Console, and select Configure Access to the CMC tab: The CMC can be found under Applications. Now enable the configuration by selecting the Restrict option. Use Restrictions to enable the option. Hide/show tabs If you are now logging in with a user that is not in the default Administrators group, you will not see applications/tabs on the CMC home page. Initially no applications/tabs are visible To display the desired tabs for the groups again, switch to users and groups with your administrator account, right-click on the desired group, and select CMC tab configuration. Enter the tab configuration. In the dialogue that appears, you see that all tabs are denied access by default.
What does an SAP administrator need to be able to do?
A user name without a restricted character set can be a security risk. Therefore, it is advisable that you restrict the character set of the user ID. In this article you will learn where the dangers lie if you do not limit the user ID. I also explain how to eliminate this security risk.
Have you ever wondered what there is actually a tab personalisation for role maintenance in the PFCG or for user data maintenance in the SU01? I will answer this question for you in this blog post. What do we need the Personalisation tab for? This tab gives you access to the central repository for personalisation data. The purpose of this repository is to create a storage facility for user- and role-specific data without the need to create additional database tables. This data should then be taken into account in all manipulations of users and roles. The functionality initially includes a generic repository for user- and role-specific data and centralised access to that data by user and role maintenance. It also provides the ability to connect existing tables with user-specific data to the central access via a defined interface. To store personalisation data in the central repository, a key must be assigned to the data: This is done via the registration transaction PERSREG. The personalisation data that you create is stored in the generic drop table. Access to it is provided by the class methods of the CL_PERS_ADMIN class. Different levels of personalisation The data can be stored either to the user, to roles or to the system. A user can then read all data assigned to him (via role or his own settings) at once.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP base.
If the installation is not possible, the latest version will be included in another setup.
It is now possible to mark the assignment of the role as correct or incorrect.