SAP Security Introduction

 SAP Security consists of two categories

1. User Administrator (User Admins)

2. Role Administrator (Role Admins)

Some projects are handled by two different consultants. In other projects, a single consultant handles both tasks, including User Administration and Role Administration.

 

1. User Administrator (User Admins)

We use transaction codes such as SU01, SU10, PFUD, etc., for User Administration activities.

User ID characters Min 1 character and Max 12 characters.

Note: The allowed characters are letters (A–Z), numbers (0–9), and special characters including underscore (_), dot (.), and hyphen (-).

Password characters Min 8 character and Max 40 characters.

Note: The allowed characters are Uppercase letters (A–Z), Lowercase letters (a–z), numbers (0–9), and special characters including @ # $ % ! etc.

Important SAP Security Parameters:

Login/min_password_lng : Minimum password length

Login/min_password_digits : Minimum digits

Login/min_password_letters : Minimum letters

Note: This activity was performed by the Basis team only.

I will briefly explain the upcoming sessions

 

2. Role Administrator (Role Admins)

We use transaction codes such as PFCG, etc., for Role Administration activities.

Role characters Max 30 characters.

Note: The allowed characters are letters (A–Z), numbers (0–9), and special characters including underscore (_), dot (.), and hyphen (-).

Custom roles start with Z_ or Y_

We have different types of roles, such as Single roles, Master roles, Derived roles, and Composite roles.

Based on the SU53 screenshot, we provide the missing authorizations to users.

I will briefly explain the upcoming sessions


📲 Join our WhatsApp Channel Link for more content updates

Popular posts from this blog

Introduction of SAP

  What is the SAP? SAP ( Systems, Applications, and Products in Data Processing ) refers to a German software company and its popular Enterprise Resource Planning (ERP) software. SAP consists of two categories modules 1. Technical Modules Technical modules focus on system administration, development, integration, and security. These include: SAP BASIS – System administration SAP Security – User roles, authorizations, and access control SAP GRC – Governance, Risk, and Compliance management SAP BTP – Business Technology Platform for cloud development and integration SAP ABAP – Programming and customization of SAP applications 2. Functional Modules Functional modules support specific business processes and aligned with business requirements. These include: SAP MM – Materials Management SAP SD – Sales and Distribution SAP PM – Plant Maintenance SAP HCM – Human Capital Management SAP ...
Read more

SAP Security - User Admin - Part 04

  What Is User Comparison in SAP? User Comparison in SAP is a technical process used primarily by SAP security and system administrators to ensure that user authorizations match their assigned roles and profiles . It’s a key part of SAP’s security model and ensures that users can actually use the permissions that have been assigned to them in the role-based access control system.   Why User Comparison Matters In SAP, there’s a difference between: Assigning a role to a user And making the authorizations effective When an administrator assigns or removes a role, SAP doesn’t always immediately update the user’s master record with the correct authorization profiles. This is where user comparison comes in: it reconciles the user’s master record so that the system knows what the user really has permission to do. Put plainly: ✔ Without user comparison — a user might have a role but no effective authorizations ✔ With user comparison — the user ’ s prof...
Read more