Maintain permission values using trace evaluations
Authorization check
Make sure that reference users are assigned minimal permissions to avoid overreaching dialogue user permissions. There should be no reference users with permissions that are similar to the SAP_ALL profile.
If you no longer need old audit results, you can archive or delete them with the transaction SAIS via the button (Administration of the Audit Environment). The audit results shall be selected on the basis of the audit structures, the test numbers or the entry date (see figure next page).
Service User
In many SAP environments, there are historically grown authorization structures that cause unnecessary security gaps. These should be examined closely.
Both solutions offer you the added value of centralised reporting of existing users, newly created users, and role assignments. You can also extend the integrated workflows of both solutions to HANA permission applications. This enables you to use the risk analysis of the SAP Access Control solution also in relation to critical HANA permissions.
"Shortcut for SAP systems" is a tool that enables the assignment of authorizations even if the IdM system fails.
If customers are developing systems that supply other system landscapes than your system landscape and require different SU24 suggestion values per system, the proposed values in transaction SU22 will be maintained.
You can exclude certain words or special characters as passwords by entering them in the USR40 table.