Customizing
What to do when the auditor comes - Part 1: Processes and documentation
The difficulty in assigning permissions to the S_DATASET object is determining the correct values for the FILENAME and PROGRAMME fields. If you have not specified a path in the FILENAME field, only the files in the DIR_HOME directory will be allowed.
If these issues are not taken into account during a conversion, there will be an imbalance between the system and the components to be protected, since the change in the system constellation means that new components, such as those mentioned above, must also be taken into account. Otherwise, a company may suffer economic damage and the resulting damage to its image. Furthermore, neglect of legal requirements (BDSG, DSGVO, GOB, HGB, etc.)1 can lead to legal measures or steps.
Introduction & Best Practices
You can translate text blocks in permission roles individually using the SE63 transaction. If you need to translate many roles, there are also automation options that we present here. There are several scenarios in which it becomes interesting to translate the texts of permission roles, for example, if your company is acting internationally. Also, you may have taken over a third party company and the SAP systems used there, or you may want to simplify the SAP system landscape by combining different divisions in one system. In all of these cases, you must standardise or translate the texts of the authorisation roles. For pure translation, you can use the transaction SE63, which we explain in the first section of this tip. In general, however, you will need to translate a large number of role texts in these scenarios; Therefore, in the second section we will explain how you can automate the translation using the LSMW (Legacy System Migration Workbench) transaction and will discuss how to set up a custom ABAP programme.
In order to make a well-founded statement about the complexity and the associated effort, a fundamental system analysis is required in advance. The results obtained from this form an excellent basis for estimating the project scope and implementation timeframe.
During go-live, the assignment of necessary authorizations is particularly time-critical. The "Shortcut for SAP systems" application provides functions for this purpose, so that the go-live does not get bogged down because of missing authorizations.
If parameters for the validity of the initial password are now also introduced, these also apply to communication users.
Another problem is that the proof of use of the authorization object is limited to finding implementations of the authorization object.