01-22-2008 8:52 AM
hi,
can you just tell me the security roles.
our company is going to implement a project. we dont have any KT and procedure for creating roles
our company is starting to implement SAP. please suggest me for creating roles and authorisation design.
thanks
Ramesh
01-22-2008 9:05 AM
Hello Ramesh,
You can find some documents and valuable info from the below site...
Rgds,
Gadde.
01-22-2008 9:23 AM
Hi Ramesh,
If you don't have security training/experience I suggest that you book yourself on course ADM940 which covers auth basics (including info on creating a role matrix etc).
If you don't have this then make sure that you work with someone who has done this. You would be very lucky to produce a reasonable design without either the training or using someone who knows what they are talking about.
Other resources are the following publications (you can find them via google):
Authorizations Made Easy (the 4.6 version is bit out of date but if you read & learn it you will be more than OK)
SAP Security and Authorizations
Risk Management and Compliance with Legal Regulations in the SAP Environment
SAP Authorization System
Design and Implementation of Authorization Concepts for SAP R/3 and SAP Enterprise Portals
For a wide overview of security I would recommend the SAP Security and Authorizations book, as a design aid I personally feel that SAP Authorization System would be more appropriate for a newbie
01-22-2008 11:18 AM
Hi Ramesh,
The transaction used for creating the roles is PFCG.
you can find info in below links:
http://sapbasisnotes.blogspot.com/search/label/SAP%20ROLE%20FAQS
http://sapbasisnotes.blogspot.com
/thread/31675 [original link is broken]
and many more site have the info, just search in google.
01-22-2008 11:32 AM
01-22-2008 12:00 PM
>
> Hi Ramesh,
>
> you can find info in below links:
>
> http://sapbasisnotes.blogspot.com/search/label/SAP%20ROLE%20FAQS
> http://sapbasisnotes.blogspot.com
Many of the security comments in that blog are copy and pasted from SAPFans and are often missing the context in which they were answered. There are several Audit ones which are answered "Use the search, this has been answered on this site many times"
come to mention it SDN stuff is in there too.
Edited by: Alex Ayers on Jan 22, 2008 12:23 PM
01-22-2008 2:44 PM
>
> Many of the security comments in that blog are copy and pasted from SAPFans and are often missing the context in which they were answered. There are several Audit ones which are answered "Use the search, this has been answered on this site many times"
>
Luckily the blog is "protected by Copyscape" to make sure none of these carefully collected advices are pasted back into SAPFans or SDN
01-22-2008 2:51 PM