cancel
Showing results for 
Search instead for 
Did you mean: 

Authorization and role administration

Former Member
0 Kudos

Hello ,

Someone may indicate a good book about authorization and role administration?

thanks

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hilton,

There is a more recent book from SAP Press, Security and Data Protection with SAP Systems, published more recently than the old standby Authorizations Made Easy. What this book covers is still pretty good, but even so  it is a bit out of date since the technology has changed so much in recent years. Your best bet is to take the training and learn the rest in the doing. Each solution has an online security guide that covers the specifics, more or less.

Good luck!

Gretchen

Matt_Fraser
Active Contributor
0 Kudos

Authorizations Made Easy is a bit dated, but I would say in terms of fundamentals of ABAP authorizations and role management, it still provides a good foundation. True, it isn't going to cover any of the new(er) UX strategies, such as anything with Java (Portal), or NWBC, etc, and if I recall, it doesn't go into detail about HR authorizations, which have some of their own peculiarities. But, I wouldn't completely discount it as a primer on the basic concept, especially if you can pick up a copy cheaply or free somewhere. The old R/3 Simplification Group that operated in those days out of SAP Labs Palo Alto and published the Made Easy guides did some awesome work in their day, given that most of the manuals and books published prior to that were cryptic for the non-initiate. I think that same group was responsible for the old Pre-Configured Client and other such concepts.

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi Hilton,

Could you please specify which type of authorization and roles ? like HR Security etc ? So that we can suggest any book for you...!

Thanks.

Former Member
0 Kudos

Hi,

I would like a book that show the best practice to create role and authorization for my transactions with security. I would like to prevent unauthorized access and would like to audit the access easily.

Colleen
Advisor
Advisor
0 Kudos

Hi Hilton

Attending formal training might come in handy for that.

There is a book call SAP Authorizations made Easy as a good start. My biggest recommendation is to google and read up on SU24 and PFCG integration. That is key to learning how to build security roles properly. With NWBC, role menus are even more important as they impact user experience (Screen layout)

No one book is going to capture everything for your as every SAP component has its own special piece to security.

Regards

Colleen

Former Member
0 Kudos

Hi Colleen,

This book is a bit dated . His concepts are still valid ?

Regards

Hilton

Colleen
Advisor
Advisor
0 Kudos

Sorry, I thought there was a more recent version via SAP Press

In truth, I've never bough any books on SAP Security (I have 10+ years experience in it). I find building and testing as ways to learn it. The security space in SCN has a few good blogs'

In terms of learning about sensitive authorisations - most of that you pick up through experience. The help documentation on the object is usually quite useful

Regards

Colleen

Colleen
Advisor
Advisor
0 Kudos

Hi Hilton

This really depends on what you are trying to get out of the book As mentioned by Phani the ADM940 course covers the fundamentals for SAP application security.

I have found help.sap information as well as application help along with trial and error to be quite useful. It there a specific topic you would like to get across?

Regards

Colleen

former_member314331
Participant
0 Kudos

ADM940 -> SAP authorization concept, roles etc. (useful for role admins)


Regards,

Phani