Skip to Content
avatar image
Former Member

security upgrade testing


We have upgraded our sytem from R/3 4.6 to ECC 6. Have executed the post security upgarde steps and found that most of the roles/transactions got implacted. Now we are in security testing phase. It would be very helpful if you could be provide me inputs regrading how to go about security upgarde testing, stargey to be followed for this testing.

Thanks & Regards

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Oct 05, 2011 at 07:09 AM


    The SU25 is the upgrade transaction for the PFCG. In step 2a you can copy the SAP data in the customer environment. With 2b you can compare overlapping default changes from your own with SAP. In step 2c roles,where the new default values would have an impact, are marked. The roles marked with red lights are not invalid and can be used with the old authorization set. If you do not process the step 2c it might be possible that you will run in trouble with new or changed authorization checks, that is why it is recommended to run step 2c and update all red roles.

    I hope this helps you.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member


      After SU25 steps, you have to identify the list of tcodes which are changed and which are new.

      According to that you should visit all the roles where the above ones are present and do the necessary changes of new authorization checks(use expertmode : Read old data and merge with new data)

      This step is should be done with lot of assessment with the help of business discussions.



  • Oct 06, 2011 at 11:05 AM

    Do what Hari says and then ensure that your updated roles are tested in all the standard e2e business process testing as part of the general upgrade activities.

    Add comment
    10|10000 characters needed characters exceeded