Checking for Changes in Authorizations After Upgrades

After an upgrade compare the default check indicators and the field values of the previous and new releases. Run the comparison with Profile Generator: Upgrade and First Installation (transaction SU25).

Context

Between releases SAP can deliver new or modified authority checks in existing roles. To ensure that your business processes are not affected by these changes, check for these changes and their impact on the values you set in your system.

You must check for changes in each client of your SAP NetWeaver Application Server.

Procedure

Start Profile Generator: Upgrade and First Installation (transaction SU25).

Execute the steps in the profile generator.

Action	When to perform
1. Initial fill of customer tables	Caution Only carry out this step for new installations or source releases before R/3 3.0B.
2a. Automatic Comparison with SU22 Data	Always. Mandatory.
2b. Modification adjustment with SU22-data	Always. Mandatory.
2c. Roles to Be Checked	Highly recommended. This step enables you to see what roles you must check and modify for the new authorization concept. Tip Because changing the authorization concept can take time, generate the role SAP_NEW and assign it to the users affected by the changes. This enables your business processes to continue uninterrupted until you have finished your changes. Once you have updated the affected roles, remove any assignments to SAP_NEW.

For more information about the individual steps, see the online help in the application.