NW ABAP User Administration and Authorization

As an SAP Authorization Administrator would have come across with Functional/IT team creating Custom tcodes for a specific Business purpose and requesting Auth team to include into a suitable role. There are many projects/organizations still not... Read More »

Requirement We have a custom Z-table with Sales Organization and Order Type as key fields. There’s an associated maintenance view. Users will be using this maintenance view to maintain entries in the table. Users should only be allowed to... Read More »

Introduction SAP BW/4HANA is a next generation data warehouse solution developed by SAP. The underlying foundation of SAP BW/4HANA is the SAP HANA in-memory database, which means that the data is stored and processed in the main memory of the server... Read More »

As SAP security practitioners, we frequently encounter a critical decision-making process concerning the effective management of user access. Today, we will explore a pivotal subject that often sparks debates within the SAP community: The... Read More »

Motivation: In my earlier blog, Consuming a Business Technology Platform service from an S/4 HANA system using SM59 destination with OAuth, I covered what it takes to connect to an SAP BTP service from S/4HANA on-premise using OAuth. Here, we look... Read More »

EDIT Oct 2023 - This feature is now available from release 750 with SAP note 3324172 Scenario Description In this blog, I present an introduction to OAuth and explain how to implement and configure the consumption of an OAuth-enabled service... Read More »

Edition 1- SAP Security Role Redesigning WHAT IS ROLE REDESIGNING? A Role redesign, also sometimes referred to as security redesign or role remediation, refers to significant changes to SAP roles that impact the authorizations of SAP users.It is... Read More »

1         Use-case This methodology is especially useful to perform SAP role redesign (small or large scale) where you choose to implement new SAP role(s) for your productive SAP entity, to replace an existing role concept with a new improved... Read More »

The technical background and rules for the merge process of authorizations are documented in SAP note 113290 – PFCG: Merge process for authorization data maintenance   To illustrate the described rules, here are some simple examples,... Read More »

The implementation of additional mitigating controls is a frequent response from the company management in order to limit the risk of excessive (redundant or unnecessary) authorizations in ERP (SAP) systems. Is it a good way to eliminate the... Read More »