> After comparing, these 3 objects are missing from SAP standard proposal!

> F_KNA1_GEN

> F_KNA1_GRP

> F_LFA1_AEN

>

> Worst of all, the are also removed in customer table USOBX_C and USOBT_C table.

> -

The proposal comes from these tables so the fact that they're missing there looks fairly normal to me.

>

>

> My questions are

>

> 1) Is there a way to prevent SAP from removing entries from USOBX_C and USOBT_C tables during upgrade? - Is there at least some form of control? It seems that after upgrade to 6.0, USOBX_C and USOBT_C table will have new entries, and missing entries compared to 4.6C.

I would think you'd need to perform step 1 in tr. SU25 to get this result. Can you see who did that and when?

>

> Any way to list out the expected changes before the system really does the "damage"?

Yes, right after the upgrade and before running SU25-step 1 compare USOBT and USOBT_C and USOB_X and USOBX_C.

> 2) Why does SAP remove standard proposal from 4.6C after upgrade?

> I can understand adding of new mapping to customer data, but removing existing values from customer data is not nice.

The customer tables are completely overwritten. This is expected behaviour.

> 3) Since SAP removed the mapping from USOBX and USOBT, can we assume that the checking of auth object is not required for that particular txn?

You can start with assumptions but I would test it.

> 4) SAP has removed the proposal link between txn vs auth object.

> This means when I add txn, e.g XK03 to a role, the 3 objects

> F_KNA1_GEN

> F_KNA1_GRP

> F_LFA1_AEN

> system will no longer pull any proposed values to my role.

>

> What happen to existing roles which previously has XK03 and

> F_KNA1_GEN

> F_KNA1_GRP

> F_LFA1_AEN

> maintained? Do I need to remove these 3 objects from the roles?

Not necessarily, unless they would damage your authorization concept by providing too wide authorizations for another tcode in this users' roles.

>

> - I did a test , if I select Change Auth Data , the object F_KNA1_GEN is still present in the role.

> If I select edit in Expert Mode - Read old status and merge with new data, the object is removed automatically.

This is also expected behaviour. With this option SAP checks the proposals for all transactions present in the role menu. Only objects that were entered in the same 'automatic' way into the role earlier and which are still in the customer tables remain unaltered.

>

> It seems dangerous to use Expert Mode, as auth objects might be removed from the role without us

> knowing unless we compare BEFORE and AFTER....

This is one of the dangers of upgrading a system.

[SAP Help|http://help.sap.com/saphelp_nw2004s/helpdata/EN/e3/3b9e583bc311d5b3cb0050dae02d7c/frameset.htm] has a lot of info on the subject.

Also George G filled a nice thread: about his experiences during a similar upgrade.