I have a few questions regarding upgrade with respect to SAP Security.
1) How to find the New Transaction codes that SAP has introduced and Tcodes that have been considered obselete by SAP , if im upgrading from 4.6C to ECC 6.0?
2) I heard that SU25 utility is not the widely used tool to find the GAP between two Versions of SAP. If this is right, please let me know the drawbacks or disadvantages of running this tool.
Any help on this will be appreciated.
1)From the security standpoint, look at step 2D of SU25 to find out which tcodes have been upgraded, and which roles need to be changed because of that. This step lists the roles which contain transactions that have been replaced by one or more other transactions.
You can also look into the table PRGN_CORR2 to get an idea of which tcodes are being upgraded to which tcodes.
2) This is my personal experience u2013 I have used SU25 for doing an upgrade. This SU25 gives you the list of roles which are impacted by the upgrade, and have to be changed, and then these roles should be saved and the profile generated. The transaction SU25 is the starting point for doing a security upgrade.
After you change and save and generate the roles, then these roles have to be tested. If the test results are OK, then you transport the roles to Quality system (and do more testing there) and then to Production system.
I am also attaching another link where there has been some more discussion on the security upgrade.
Hope this helps.