on 07-02-2009 9:00 PM
Dear all,
what are the by SAP recommended and needed Authorizations for Customization? I am looking for a document by SAP mentioning the situation for SRM.
We are facing the situation of strict role & authorization management at a company, where they also do not allow SAP standard roles. I need proven SAP document why extensive SAP authorizations needed in SRM. We do not have the time, to trace all tables, transactions etc. to rebuild SAP standard roles & authorizations.
Any help & info is highly appreciated.
Cheers,
Claudia
As all we aware SRM is a Role based application. however you also right and customer also right to ask this question to us.
In SAP SRM one or more predefined roles are assigned to each user or user account. Depending on
the role, the user is authorized to carry out certain transactions and access certain data. In addition,
each user or user account is assigned to its company and/or organizational unit. By way of this
assignment, the user inherits additional attributes that further restrict access, for example, employees
may only assign purchase orders to their own cost centers.
In the standard SAP SRM delivery, customers receive predefined role templates that they can extend
or adapt to their specific requirements. The standard roles include roles for managers, employees,
and so on.
Individual users access SAP SRM transactions and data via their browsers and then transfer sensitive
confidential data. This information must be protected against unauthorized access. As standard, this
is taken care of by encoding all data during the transfer from the Web Server to the browser. SAP
SRM follows the standard in this case and supports secure HTTP.
Roles for System Configuration
Users wanting to set up or configure an SAP SRM Server system are assigned to the SAP SRM
Administrator role, which provides them with the required authorizations. The necessary Customizing
authorizations ensure that these setup users are able to carry out IMG projects.
For more information, see http://help.sap.com SAP NetWeaver SAP NetWeaver 7.0 Including
Enhancement Package 1 System Administration Security Guide User Administration and Authentication
User Management .
do you want this security guide realeased by SAP
Security Guide
SAP Supplier Relationship Management powered by SAP
NetWeaver®
Target Audience
n System administrators
n Technology consultants
mail to businesss id i send you. i believe i have downloaded from market place?a re you looking for this document?
I have read and listened some web ex slides discusions on role arena form SAP experts.if you could not locate i will search for you..
br
muthu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi all,
thanks for reply.
I am aware of the security guide, the usage of roles etc.
Most of us using SAP_ALL for configuring the system as without the customizing can not be completed successfully. Nevertheless, there are clients out there with role/authorization guidelines, esp. after introduction of SOX, which do not allow this extensive access according to their guidelines. Also clients can be that crazy to delete all standard roles provided by SAP and do custom roles only.
I am looking for an official answer of SAP or also the goups experiance to explain restrictive clients, why there are so extensive athorizations needed for SRM.
Many thanks in advance,
Claudia
Cheers,
Claudia
User | Count |
---|---|
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.