PFCG Authorization Module wise

Former Member · ‎10-31-2014

Dear Expert,

I wanted to give PFCG authorization modulewise. user1 able givee authorization to FICO only user2able givee authorization to SD only,

user2 able givee authorization to PP only

How can we restrict authorizations

Regards,

Sahil k

Former Member · ‎10-31-2014

Hi Sahil,

first of all find out roles for SD or FI or MM as per srinivasan, download role corresponding from pfcg and then upload role for new client or create transport for role sends to target system.

after that you customize authorization object as per requirement.

Hope it helps.

Regards,

Dhuvaraganathan M.

srinivasan_vinayagam · ‎10-31-2014

Hi Sahil,

You can find the reconfigured Roles for all function modules in SAP. You will copy from standard roles and customizing as per your requirement.

For SD module you can search by name SAP*_SD*. or *SD*

http://help.sap.com/erp2005_ehp_06/helpdata/en/4c/ac67e85c6c3b9de10000000a42189b/content.htm?fullscr...

For others module like MM, FI you can find by name SAP_MM* , SAP_FI* etc.

or get list of roles from function consultants.

Regards,

V Srinivasan

divyanshu_srivastava3 · ‎10-31-2014

Hi Sahil,

A security person has the authorization to perform task such as managing roles and profiles.

These things, for eg, adding tcode in menu, which add auth objects to profiles cannot be segregated on what you are demanding. What you can try doing is following a nomenclature for different modules while creating and editing roles.

Not sure on your requirement, however, a security person should not restricted in such a way and giving access to PFCG to non-security user doesn't really makes sense to me.

Regards,

PFCG Authorization Module wise

Accepted Solutions (0)

Answers (3)

Answers (3)

Recommended approach for Fiori Adapt UI in S/4H On...

Re: Is there an API for maintaining Decisions in S...

Cloud Connector with Error 425

catch/handle error upload() method in SAPUI5

Connect to ABAP environment using RFC