Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

SAP HR Security

Former Member
0 Kudos

hi guys,

Just want to ask, what is the diffence of HR security to other Security in SAP?

Can you help me with guides and manuals for HR security,

Thanks in advance!

1 ACCEPTED SOLUTION

martin_voros
Active Contributor
0 Kudos

Hi,

Alex has already mentioned standard course. Search also for "Structural Authorizations Step by Step, with Gotchas Too".

Cheers

9 REPLIES 9

Former Member
0 Kudos

Hi,

"Other security in SAP" is a bit of a broad term. ECC, BW, SRM, SCM, MDM, Portal etc all have differences in auth concept.

Course HR940 is the standard course for this area. If you will be working in HR and have no-one onsite to learn from then invest in this course.

There is a bit of info in "The Bible" http://www.sap-press.com/products/SAP-Security-and-Risk-Management-%282nd-Edition%29.html#

SAP Help is stuffed full of useful info e.g.

http://help.sap.com/erp2005_ehp_02/helpdata/en/5c/73ba3bd14a6a6ae10000000a114084/frameset.htm

Look at P_ORGIN, P_PERNR, P_ORGINCON (for the fun of context sensitive auths), PLOG and P_ABAP for the most common auth objects.

Main things to consider in HR is that the data is held in infotypes so it's important to understand how infotypes work for various transactions. Infotypes control WHAT data is presented

The enterprise structure & org structure are also important as they control WHERE the data is for. Structural authorisations are a concept heavily used in HR so invest in understanding what they are and how they work. Google the terms "structural authorizations Norm Carl" to get a good guide.

There are some other bits and pieces (P_PERNR for example) but you can pick these up when you have a look through materials.

0 Kudos

Hi Alex

Thanks for the link

Google the terms "structural authorizations Norm Carl" to get a good guide.

Just what I needed!

Cheers

David

0 Kudos

To be fair, Martin got the correct title. I can only remember the Norm & Carl bit!

0 Kudos

To be fair I missed that part of your post and hence my post was redundant.

Cheers

0 Kudos

I guess the OP is now equiped to search further... as we all are and have always been..

If a series of "what is the difference" questions evolves then I will lock them, as it floods the forum.

As a general remark, the person (OP) asking the question should ask more specific questions and disclose what they already know.

Also, the subject title is fairly meaningless, but at least consistent with the opening question details..

I trust you agree.

Cheers,

JUlius

0 Kudos

ps: Structural Authorizations and OM is also becoming somewhat redundant, because with IdM workflows you have much more flexibility.

Of course OM is a prime candidate for a data source for IdM, but it is only as good as the data source.

Folks will not maintain master data just for the sake of it. It needs to be used and the timely and qualitative data source must be important for various other access and reporting related permissions and assignments, otherwise they will not maintain it accurately.

This must be checked and tested in advance, before bolting role / system based access onto it.

Cheers,

Julius

0 Kudos

I've added this one to my list of SAP Security diaries which was started by a friend of mine a few years ago - I'll add it to my training note to one-self for when that 'one bright student' sticks their hand up and I'm stuffed

0 Kudos

ps: Structural Authorizations and OM is also becoming somewhat redundant, because with IdM workflows you have much more flexibility.

>

> Of course OM is a prime candidate for a data source for IdM, but it is only as good as the data source.

>

> Folks will not maintain master data just for the sake of it. It needs to be used and the timely and qualitative data source must be important for various other access and reporting related permissions and assignments, otherwise they will not maintain it accurately.

>

> This must be checked and tested in advance, before bolting role / system based access onto it.

>

> Cheers,

> Julius

I have a hat here, ready for eating of structural auths become redundant any time soon

Position based role provisioning is a different matter and if not required to support HR then agree that flexibility in provisioning using newer tools offers many advantages. If HR is being used properly then generally the OM is in reasonable shape and we can use it. If it's just being used to hang roles and users off then accuracy fails somewhat.

Cheers

martin_voros
Active Contributor
0 Kudos

Hi,

Alex has already mentioned standard course. Search also for "Structural Authorizations Step by Step, with Gotchas Too".

Cheers