authorizations
TEMPLATE ROLES
- 3 default roles are provided with the SEAzam Add On :
– /HSEA/SEAzam_FULL_RIGHTS : Allow all transactions. This role should not be given in Production.
– /HSEA/SEAzam_CUSTO : Allow only the customizing activities. It’s not possible to execute them with this role.
– /HSEA/SEAzam_EXE : Allow only to execute the activities. You can use them as it is but for more security you can copy and modify them to restrict the activities.
You can use them as it is but for more security you can copy and modify them to restrict the activities.
IMPORTANT
– The classical authority check of SAP is fully operational with the SEAzam activities, but totally not with Table ID’s.
– When you install the SEAzam, you have to generate their profiles.
- Start transaction PFCG
1_ Select the roles
2_ Select tab:
3_ Click on the following buttons :
TRANSACTION LIST
THE AUTHORIZATION OBJECTS
– /HSEA/SZUA : User action for Web Service Optimizer.
Possible values :
– /HSEA/SZCU : Type of Object for SEAzam Custo.
Possible values :
– /HSEA/SZFI : file formats
Possible values :
– /HSEA/SZAC : Name of the allowed activities.
Possible values : Activities names & Table ID’s can be maintained here.
– /HSEA/SZPR : Name of the allowed projects.
Possible values : Project names can be maintained here.
– /HSEA/SZMO : Name of the allowed modules.
Possible values : Modules names can be maintained here.
Recommandation
To add them to the SAP_ALL profile, don’t forget to run SU21