on 01-15-2008 3:39 PM
Hi Folks,
I am just started with this forum, I hope you I would get goot KT from this forum. I have few questions with APO and really appreciate if some one would help me with their thoughts..!
What are the changes or updates with security authorization with SAP APO vs R/3....
My next project would be on APO, hope you guys would help me with your thoughts......
Thanks in advance...!
Thanks Somnath, I did good excercise with naming conventions....
I have come up with some reccomendations, that you have discussed.....
I expect similar kind of help going forward too....
Thanks Again,
Anil.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Anjali and Somnath, that was very informative...Also I was in ERP audit till now, just moved as in Security Admin...
To start with I would be dealing in creating some of the roles in APO for IS team for configurations...
I have to develop some roles for configuration on DEV and QA:
Please correct me if I am wrong, i was thinking with creating some roles with SAP_All...
And then tailor the auth objects...
1)Any thoughts or ideas on naming conventions...
2)And also what are the basic things that I have to keep on top of my head when dealing with roles....
I would look at the OSS notes you guys suggested...I think that would help me little..
Hope you guys understand my curiosity....and plzz help me with your thoughts...
Thanks
Anil.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Anil,
Security Admin is not my area and hence I can not comment on Generic Security role design.
I guess you can not start with SAP_ALL and then start putting in restrictions. I am sure SAP will not suggest that.
Check the standard roles available - like
SAP_APO_FCS_CU APO: Demand Planning Customizing User
SAP_APO_FCS_EU APO: Demand Planning Expert User
You can build a composite role by selecting the Module specific (DP, SNP, PPDS, CIF etc.) roles.
Check with your existing Security team about naming convention and building of the roles.
They should be able to help - it does not matter between APO and R/3. The points you have mentioned are very basic regarding Security and not specific to APO.
In terms of naming convention I have seen Clients using something like Z_xx_zzzz with xxx being the country or region like CT (Central Team), UK, US, DE etc. and zzzz being the module.
Thanks,
somnath
Hi Anil,
As Anjali mentioned conceptually authorizations in APO are similar to R/3 only you need to be aware of the relevant authorization objects.
Check SAP Note 400434 for Authorization in DP which should help you.
Also look at the SCM Security guide available in service.sap.com/security >> Security >> Security in Detail >> SAP SCM.
Hope this helps.
Somnath
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Concept wise authorisation in APO Vs R/3 is same.
In the APO you can have control on Planning data on the data view level
Please check following SAP OSS notes
400434 - Authorizations in APO Demand Planning
687399 - SP09: Authorization prob. after you jump from Alert Monitor
727839 - Authorization role for the SAP SCM - SAP R/3 integration
637052 - Missing authorization object for database views
619086 - Input help in authorization maintenance of parameters
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
9 | |
4 | |
3 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.