Beruflich Dokumente
Kultur Dokumente
Find the auth group of the Table. Use SE11 and Table Maintenance
generator from utilities menu
TDDAT table has the link between Table and auth group
Table creation is controlled by S_DEVELOP ( SE11 and Developer
KEY and Table entry is controlled be S_TABU_DIS and
S_TABU_CLI ( Client Independent table) (SM30, SE16, SE16N,
SE17)
S_TABU_DIS has Activity and Auth group fields
Create a T-code in SE93 using call transaction SM30
Update SU24 with S_TABU_DIS and particular auth group.
Add the T-code to the role and make sure the proper auth group is
brought into the role.
If SU24 is changed after the object is added do adjust derived in
PFCG
SE54 to assign auth group to table
Project Requirement
Collect Requirement
Process Team member Contact
Develop Roles
Consult process team member for object
Values
Program Security
Find the auth group of the program. Use SE38 and display attribute
TRDIR table has the link between program and auth group
Program creation is controlled by S_DEVELOP (SE38 with Developer Key)
and execution is controlled be S_PROGRAM ( SA38) High sensitive T-codes.
S_PROGRAM has Activity and Auth group fields
Create a T-code in SE93
Update SU24 with S_PROGRAM and particular auth group.
Add the T-code to the role and make sure the proper auth group is brought into
the role.
If SU24 is changed after the object is added do adjust derived from advanced
menu in PFCG
Transaction used for Creation SE38 and Execute SA38
RSCSAUTH Update TRDIR RSABAUTH- Update TPGP
Security redesign
Security Requirement Documentation describing the Role name tcodes, Plant Derivations, Object Value restriction and any org value
restrictions
User access approval and change process
Profile Naming Convention
Approval process for addition of T-code, removal T-codes, object
Value Changes and org level changes
Approval Process for Addition of Single role to composite role
Security Custom Program and Tables
User ID expiration and deletion process
System Security parameters
Securing Batch jobs, Batch jobs and Spool request
Batch Job
You can define and schedule background jobs in two ways from the
Job Overview:
Directly from Transaction SM36. This is best for users already
familiar with background job scheduling.
use the Job Wizard, start from Transaction SM36, and either select
Call Transaction SM36 or choose CCMS Jobs Definition .
Assign a job name. Decide on a name for the job you are defining and
Virsa