06-20-2013 7:37 PM
Hi Guys,
We are on Ecc 6.0 Enhp4 and we have the necessity to review the roles assigned to some users especially those used for RFC connection (infact they have SAP_ALL, also if they are defined as communication user and not as dialog).
Our porblem is that these RFC users launch numerous custom function modules (FM) which recall other (standard and custom) function/bapi. In order to create a specific authorization role we have to know which are the authority checks that are inserted in all FMs.
Please can you give us an help on this problem?
Thanks
Bob
06-21-2013 10:59 AM
Hi Bob
would it be not easier to trace those users and analyze the authorisations they pass in their dutys?
Let me know your thoughts
a
06-21-2013 2:12 PM
Hi Andrea,
thank you for your reply. It is very expensive to do what you have said. Infact we want exactly to avoid making hundreds of trace. These RFC users can lauch hundreds of FMs that were developed by other outsourcers.
We have need of a standard or cutom program to find all the authority checks in these FMs.
Have you some idea about that?
Thanks
Bob
06-21-2013 3:56 PM
I also looked (and thought) high and low for this and only found unreliable ways of doing this, so developed our own.
SAP consulting also use it and offer a service with it if you want the work to be done with it for you -> see SAP Note 1682316 ( https://service.sap.com/sap/support/notes/1682316 )
You then end up with roles which have standard status authorizations with complete where-used-lists to the FM's.
Cheers,
Julius
06-22-2013 2:31 PM
Hi Julius,
thank you very much for reply regarding Xiting. We will evaluate this service in case we won't be able to find any other solution and/or idea.
Thanks
Bob