08-25-2008 12:13 PM
Dear Gurus,
I am basis consultant and I want to design PFCG roles for BW team in Production system.
BW team has asked for AL11, SM50,SBIW,SPRO(display), SE16 (display),se10,se01,se93,se84,se3,sm12 etc. tcode access in production system.
Many t-code are Basis t-codes. Bw team need only display access.
I read about SOD, but want to know practically more about it.
What kind of things auditors will check ?
I want to know from audit perspective, is it ok to give all this access to BW team???
is any recommended designed role or BLOG for authorization of BW team in production environment ?
Please advise.
Edited by: Imran Mulani on Aug 25, 2008 1:14 PM
08-25-2008 10:09 PM
It is very difficult to answer such a question without knowing which functions this "BI team" needs to fullfill...
Even more so..given the transactions you have mentioned... (without mentioning which authorization objects and their field values this "BI team" has) it is impossible to answer this question in a meaningfull way.
With those transactions and significant authority for other objects, they will never need to contact you for authorization changes to that role again...
Please provide more details.
Cheers,
Julius
08-25-2008 10:09 PM
It is very difficult to answer such a question without knowing which functions this "BI team" needs to fullfill...
Even more so..given the transactions you have mentioned... (without mentioning which authorization objects and their field values this "BI team" has) it is impossible to answer this question in a meaningfull way.
With those transactions and significant authority for other objects, they will never need to contact you for authorization changes to that role again...
Please provide more details.
Cheers,
Julius
08-26-2008 5:57 AM
Hi Julius,
Thanks for the reply.
I am able to understand now after reading your "A collection of threads: FAQ's, intros and memorable discussions"
Marvelous job done..thank you again !!