Skip to Content
avatar image
Former Member

SAP Role for Basis Admins

Dear Gurus,

We are in the realisation phase of  an implementation project and I want to make a role for Basis Administrators.

I need some suggestions as this role will be a complex one to make as it shall have lots of tcodes.

Can someone please suggest me how to approach this issue ?

Also how can i make a DISPLAY ALL role, I heard that display all role was avaialbe till 4.6 C but we dont have any 4.6c system to take references.

Cheers !


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Apr 26, 2012 at 10:47 PM

    Hi shobhit,

      Please go through the standard SAP basis role SAP_BC_BASIS_ADMIN and customize it according to your needs with the discussion of client.

    Also for Display all role, please let me know what is your correct requirement?Are you looking for all display access in one role and for which team you are looking for this role.


    Varun Jain

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Apr 27, 2012 at 07:51 AM

    HI Shobhit Garg,

    as mentioned by varun you can copy this standard role as per your naming convention eg Z_ and generate the profile.

    if you want display all, copy the role to desktop and edit it using notepad, replace all the activity value 01, 02 etc with 03 and then upload the role. this is a easy way to have display role for basis.

    same you can have a display role for SAP_ALL as well.

    please let me know if you have further issues.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Kanth,

      My basic objection with the solution you gave is that there are several objects without an ACTVT field, such as S_ADMI_FCD, S_BTCH_JOB, S_BTCH_ADM, S_CTS_ADMI  and several others which may leave some 'interesting' gaps in a role built by only editing the ACTVT field.

      There are also some objects where the '03' activity does not reflect a 'read' authorization. Unfortunaltely I do not have an example at hand right now.

      So yes, for a 'quick and dirty' approach it may work but I would never present it as a solution to create a 'read-only' role. My objection against editing PFCG download files still stands ;-)