Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Working with Profiles

Former Member

‎08-22-2012 12:11 PM

0 Kudos

Hello Experts,

I have a requirement to clean up profiles in my system(ECC).

I think i vl have to use the transaction SU02 to do this job.

But have some queries as i'm doing this for the first time.

1) Can i do this separately in each Environment(DEV, QAS and PRD) or should i have to do it in DEV and then transport.

If it is to transport then please advise on the steps to perform.

2) What are the prerequisites to be checked before i go head with the deletion.

3) Is there a way i can revert the changes?

Best Rgds,

Jaravuy

4 REPLIES 4

jurjen_heeck
Active Contributor

‎08-22-2012 1:29 PM

0 Kudos

Are you talking about manually created profiles, not belonging to roles? In that case I am also interested because I have a similar job coming up and my own authorization experience is all post-4.7

2) I'd say make sure they're not assigned to anyone.

3) Prior to deletion add them all to a transport request, release the transport and have sysadmin hand over the transport files to you.

Former Member
In response to jurjen_heeck

‎08-22-2012 2:04 PM

0 Kudos

Yes, the profiles i'm taking here are manually created Z* Profiles.

And there are no assignments.

Is there is a reason we cannot delete them in individual environments(DEV, QAS, PRD) except that to maintain consistency.

jurjen_heeck
Active Contributor
In response to jurjen_heeck

‎08-22-2012 3:08 PM

0 Kudos

I don't see any objection. Role and profile contents are masterdata, not customizing. I do still hope that there's some way of transporting the deletion, like with roles....

paula_w_arnold
Explorer
In response to jurjen_heeck

‎08-22-2012 3:31 PM

0 Kudos

Let me start off by saying that I have not done this in ECC6 but used to have to do it in 4.0. 

For profiles that were created manually using SU02 and SU03 - to delete them we would first put them into a transport just like Jurjen said and then before releasing the transport, would delete the profile and authorizations.

It was a multi step process.  First we had to enter the profile into the transport and then delete the profile and release the transport.  But this only deletes the profile.  The authorizations are still out there - they could have been built manually with SU03 (so you would then have a Single Profile) or they were built with PFCG and then combined into another profile via SU02 (so you would then have a composite profile).  We then had to put these authorizations or the PFCG generated profile into a transport also, then delete them and then release the transport to complete the cleanup. (yes our old system and process was very clunky and I'm happy to say that we no longer use composite profiles built like this).

I do not know but maybe - in ECC6 once you have deleted the profile via SU02 and done the transport, you may be able to use PFUD to clean up widowed authorizations and thus save having to go back and do a delete with SU03. 

Hope this helps.

Cheers.

Paula