Skip to Content
Jul 08, 2020 at 04:52 PM

SAP Authorization Generic Role for every SAP account



There is a need to create a generic authorisation role to be assigned to every SAP user (regardless of his/her job) for basic (common) tcodes such a SU53, SU56, SU3, NWBC, SO01 etc.

There is a concern with some authorisation objects within this role and if some of them would be flagged as critical permission (hence should not be given to all users but must be in specific role).

Here they are, please let me know if any (with the listed values) should not be given to all users through this generic role:

1) S_RFC and S_RFCACL with the following values:

2) S_BATCH_JOB and S_DATASET with the following values

3) S_SPO_ACT and S_SPO_DEV with the following values:

4) S_DEVELOP with the following values:


22222.jpg (49.2 kB)
3333333333.jpg (43.2 kB)
4444444444444.jpg (38.7 kB)