Understanding Project Shark memebers need a public ID that can do all display activities. However in SAP the concept 'display' doesn't really work that well, since a lot of tasks are based on business behavior.
To make a perfect 'DISPLAY ONLY' role, the security administrator will have to work on each objects from SAP_ALL, and determine which activities should be get rid of. However a lot of authorizations are defined as 'approved', 'promote', 'assign', 'move', and so on. These activites cannot be simply explained as CHANGE or DISPLAY.
Giving a very short time to build the DISPLAY ONLY role, how to? Below is how we build the role. Basically it's coming from SAP_ALL and replace activity from * to 03
Understanding Project Shark memebers need a public ID that can do all display activities. However in SAP the concept 'display' doesn't really work that well, since a lot of tasks are based on business behavior.
To make a perfect 'DISPLAY ONLY' role, the security administrator will have to work on each objects from SAP_ALL, and determine which activities should be get rid of. However a lot of authorizations are defined as 'approved', 'promote', 'assign', 'move', and so on. These activites cannot be simply explained as CHANGE or DISPLAY.
Giving a very short time to build the DISPLAY ONLY role, how to? Below is how we build the role. Basically it's coming from SAP_ALL and replace activity from * to 03
https://c1.staticflickr.com/9/8064/29976568322_0cc1a74633_b.jpg
https://c2.staticflickr.com/6/5762/30090856605_c844316aba_o.jpg
https://c1.staticflickr.com/9/8056/30007390681_4b370d2aee_b.jpg
https://c1.staticflickr.com/9/8755/30007390391_7a68d4d338_o.jpg
https://c2.staticflickr.com/6/5511/30090856555_b67449ab13_b.jpg
https://c2.staticflickr.com/6/5315/30007390261_7cd2ec1335_b.jpg
Project 'Clam' founder
edited Oct 3 '16 at 4:15 pm