ebook img

ADM940 ABAP AS Authorization Concept PDF

379 Pages·2011·16.04 MB·English
by  coll.
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview ADM940 ABAP AS Authorization Concept

ADM940 ABAP AS Authorization Concept SAP NetWeaver Date Training Center Instructors Education Website Participant Handbook Course Version: 72 Course Duration: 3 Day(s) Material Number: 50099897 An SAP course - use it to learn, reference it for work Copyright Copyright©2011SAPAG.Allrightsreserved. Nopartofthispublicationmaybereproducedortransmittedinanyformorforanypurpose withouttheexpresspermissionofSAPAG.Theinformationcontainedhereinmaybechanged withoutpriornotice. SomesoftwareproductsmarketedbySAPAGanditsdistributorscontainproprietarysoftware componentsofothersoftwarevendors. Trademarks • Microsoft®,WINDOWS®,NT®,EXCEL®,Word®,PowerPoint®andSQLServer®are registeredtrademarksofMicrosoftCorporation. • IBM®,DB2®,OS/2®,DB2/6000®,ParallelSysplex®,MVS/ESA®,RS/6000®,AIX®, S/390®,AS/400®,OS/390®,andOS/400®areregisteredtrademarksofIBMCorporation. • ORACLE®isaregisteredtrademarkofORACLECorporation. • INFORMIX®-OnLineforSAPandINFORMIX®DynamicServerTMareregistered trademarksofInformixSoftwareIncorporated. • UNIX®,X/Open®,OSF/1®,andMotif®areregisteredtrademarksoftheOpenGroup. • Citrix®,theCitrixlogo,ICA®,ProgramNeighborhood®,MetaFrame®,WinFrame®, VideoFrame®,MultiWin®andotherCitrixproductnamesreferencedhereinaretrademarks ofCitrixSystems,Inc. • HTML,DHTML,XML,XHTMLaretrademarksorregisteredtrademarksofW3C®,World WideWebConsortium,MassachusettsInstituteofTechnology. • JAVA®isaregisteredtrademarkofSunMicrosystems,Inc. • JAVASCRIPT®isaregisteredtrademarkofSunMicrosystems,Inc.,usedunderlicensefor technologyinventedandimplementedbyNetscape. • SAP,SAPLogo,R/2,RIVA,R/3,SAPArchiveLink,SAPBusinessWorkflow,WebFlow,SAP EarlyWatch,BAPI,SAPPHIRE,ManagementCockpit,mySAP.comLogoandmySAP.com aretrademarksorregisteredtrademarksofSAPAGinGermanyandinseveralothercountries allovertheworld. Allotherproductsmentionedaretrademarksorregisteredtrademarksof theirrespectivecompanies. Disclaimer THESEMATERIALSAREPROVIDEDBYSAPONAN"ASIS"BASIS,ANDSAPEXPRESSLY DISCLAIMSANYANDALLWARRANTIES,EXPRESSORAPPLIED,INCLUDING WITHOUTLIMITATIONWARRANTIESOFMERCHANTABILITYANDFITNESSFORA PARTICULARPURPOSE,WITHRESPECTTOTHESEMATERIALSANDTHESERVICE, INFORMATION,TEXT,GRAPHICS,LINKS,ORANYOTHERMATERIALSANDPRODUCTS CONTAINEDHEREIN.INNOEVENTSHALLSAPBELIABLEFORANYDIRECT, INDIRECT,SPECIAL,INCIDENTAL,CONSEQUENTIAL,ORPUNITIVEDAMAGESOFANY KINDWHATSOEVER,INCLUDINGWITHOUTLIMITATIONLOSTREVENUESORLOST PROFITS,WHICHMAYRESULTFROMTHEUSEOFTHESEMATERIALSORINCLUDED SOFTWARECOMPONENTS. g201136103757 About This Handbook Thishandbookisintendedtocomplementtheinstructor-ledpresentationofthis course,andserveasasourceofreference. Itisnotsuitableforself-study. Typographic Conventions American English is the standard used in this handbook. The following typographic conventions are also used. Type Style Description Example text Wordsorcharactersthatappearonthescreen. These includefieldnames,screentitles,pushbuttonsaswell asmenunames, paths, andoptions. Alsousedforcross-referencestootherdocumentation both internal and external. Exampletext Emphasized words or phrases in body text, titles of graphics, and tables EXAMPLETEXT Names of elements in the system. These include reportnames,programnames,transactioncodes,table names, andindividualkeywordsofaprogramming language,whensurroundedbybodytext,forexample SELECT and INCLUDE. Example text Screenoutput. Thisincludesfileanddirectorynames and their paths, messages, names of variables and parameters, and passages of the source text of a program. Example text Exactuserentry. Thesearewordsandcharactersthat youenterinthesystemexactlyastheyappearinthe documentation. <Example text> Variableuserentry. Pointedbracketsindicatethatyou replacethesewordsandcharacterswithappropriate entries. iii 2011 © 2011 SAP AG. All rights reserved. AboutThisHandbook ADM940 Icons in Body Text Thefollowingiconsareusedinthishandbook. Icon Meaning Formoreinformation,tips,orbackground Noteorfurtherexplanationofpreviouspoint Exception or caution Procedures Indicatesthattheitemisdisplayedintheinstructor's presentation. iv © 2011 SAP AG. All rights reserved. 2011 Contents Course Overview......................................................... vii Course Goals...........................................................vii Course Objectives .....................................................vii Unit 1: Authorizations in General......................................1 What Are Authorizations?..............................................2 Creating and Implementing an Authorization Concept........... 11 Unit 2: Basic Terminology of Authorizations...................... 41 Elements and Terminology of the Authorization Concept (ABAP)..............................................................42 Authorization Checks in the SAP System .........................63 Unit 3: User Settings.................................................... 75 Maintaining and Evaluating User Data.............................76 Unit 4: Working with the Role Maintenance ......................105 Role Maintenance and Standard Roles...........................107 Special ABAP Roles.................................................144 Subtleties of Authorization Maintenance..........................172 Unit 5: Basic Settings..................................................189 Role Maintenance: Installation and Upgrade ....................191 Access Control and User Administration..........................214 Troubleshooting and Administration Aids.........................251 Unit 6: Transporting Authorizations................................271 Transporting Authorization Components..........................272 Unit 7: Integration into the Company Landscape ...............287 Central User Administration (CUA)................................289 Integration into Organizational Management ....................307 SAP NetWeaver Identity Management............................327 Appendix 1: SAP Notes About Authorizations ................343 Appendix 2: ...........................................................347 Glossary...................................................................349 v 2011 © 2011 SAP AG. All rights reserved. Contents ADM940 Index .......................................................................353 vi © 2011 SAP AG. All rights reserved. 2011 Course Overview ThiscourseprovidesinformationaboutthefundamentalsoftheSAPauthorization concept,usingSAPsystemsbasedonASABAP.BasicknowledgeabouttheSAP environment is vital for this training course. Target Audience Thiscourseisintendedforthefollowingaudiences: • Project team members • Authorizationanduseradministratorsfromsystemadministration • Authorizationanduseradministratorsfromtheuserdepartments Course Prerequisites Required Knowledge • SAPTEC(SAPNetWeaver: FundamentalsoftheApplicationPlatform) Recommended Knowledge • SAP01 (SAP Overview) • Attendanceofbasicandadvancedtrainingcoursesinatleastoneapplication area Course Goals This course will prepare you to: • Outlinetheelements,strategies,andtoolsoftheSAPauthorizationconcept • GenerateandassignauthorizationprofileswiththeRoleMaintenance • WorkwiththeCentralUserAdministration(CUA)tool Course Objectives Aftercompletingthiscourse, youwillbeableto: • Listtheelementsandobjectsoftheauthorizationconcept • ExplaintheuseandpurposeoftheRoleMaintenance • Analyze authorizations • Describe special objects for administrators vii 2011 © 2011 SAP AG. All rights reserved. CourseOverview ADM940 viii © 2011 SAP AG. All rights reserved. 2011 Unit 1 Authorizations in General Unit Overview Thisunitistheentrypointintothetopicofauthorizations. Startingwiththebasicconceptsoftheauthorizationstopic, itaddressesSAP's role-basedauthorizationconcept,anddiscussesamethodthatdescribeshowto create and structure authorizations, and how to implement them in a customer landscape. Unit Objectives After completing this unit, you will be able to: • DescribetheSAPauthorizationconceptaspartofacomprehensivesecurity concept • Explain the access control mechanisms • Explainhowusers,roles,andauthorizationsarerelated • Describethetechnicalimplementationofarole-basedauthorizationconcept • Explainthestructureofanauthorizationconcept • Listthestepsrequiredtoimplementaconcept • Describetheactivitiesfortheindividualimplementationsteps • Use the presented procedure model for implementing an authorization concept for your own projects • Explainthestrategyforuserandauthorizationadministration Unit Contents Lesson: What Are Authorizations? ..............................................2 Lesson: Creating and Implementing an Authorization Concept ........... 11 Exercise 1: Creating and Implementing an Authorization Concept...29 1 2011 © 2011 SAP AG. All rights reserved. Unit1: AuthorizationsinGeneral ADM940 Lesson: What Are Authorizations? Lesson Overview ThislessonwillintroducethecontentsoftheADM940course. Itwillalsoprovide an introduction to the topic of authorizations and the role-based authorization concept, using a number of overview figures. Lesson Objectives Aftercompletingthislesson, youwillbeableto: • DescribetheSAPauthorizationconceptaspartofacomprehensivesecurity concept • Explain the access control mechanisms • Explainhowusers,roles,andauthorizationsarerelated • Describethetechnicalimplementationofarole-basedauthorizationconcept Business Example Authorizationsareusedtocontrolaccessattheapplicationlevel. Atthislevel,the termroleisatthecenteroftheSAPauthorizationconcept. SAPcourseADM940 describestheindividualsteps,fromsetup,throughtheimplementationofarole conceptwithPFCG,toitsuseinaproductionenvironment. Thesystemmustalso beprotectedattheoperatingsystem,database,network,andfrontendlevelsin ordertoimplementacomprehensivesecurityconcept. SAPcoursesADM950and ADM960, for example, consider these issues. Content Overview for SAP Course ADM940 and Positioning in the SAP Customer Curriculum Figure 1: Curriculum - Overview 2 © 2011 SAP AG. All rights reserved. 2011

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.