The table below lists the authorization elements that you require when preparing a delivery of authorization default data.
Element |
Allowed Values |
Comment |
---|---|---|
Authorization |
Not applicable |
Manifestation of an authorization object, that is, a combination of permissible values for each authorization field of the authorization object. The combination determines the activities with which a user can access certain data. |
Authorization Object |
Not applicable |
An authorization object consists of up to ten authorization fields, which the system checks with an AND linkage. Authorization objects are organized in classes. An object class is a logical combination of authorization objects and corresponds, for example, to an application (financial accounting, Human Resources, and so on). You can use transaction SU21 to edit authorization objects. |
Authorization Field |
Refer to authorization default value |
Smallest unit in an authorization object. An authorization field either represents data, such as a key field in a database table, or activities, such as Read or Create. Activities are specified as abbreviations, which are stored in the database table TACT and, for customer-specific abbreviations, TACTZ. |
Authorization default value |
|
Specified value for authorization field. |
Authorization default status |
|
If an authorization administrator includes the applicatoin in the menu when creating or changing the role, the Profile Generator checks for each object whether it has an authorization default status. If this is the case, the Profile Generator includes an authorization in the role. |
Check indicator |
|
For transactions, you can also control the authorization check with check indicators that are set for each authorization object. |
Maintenance mode |
|
The Maintenance Mode indicaltor is a special attribute of an application. You use it to specify how the authorization default data (SU22 data) of the application is maintained. |
Maintenance status |
|
The maintenance status of applications shows whether the authorization default data for an application is correctly maintained. |