You can globally deactivate authorization checks with Transaction AUTH_SWITCH_OBJECTS. The system does not execute any authorization checks for deactivated authorization objects.

You deactivate authorization objects in the tree display by selecting the checkbox to the left of the object. The deactivated authorization objects are then displayed in red. The authorization checks are not ignored in the system until you save your settings.

Globally deactivating authorization checks considerably reduces authorization maintenance. The system does not insert any authorization data in the Profile Generator for deactivated authorization objects. With Release upgrades, transactions whose authorization data is to be postprocessed are not displayed for postprocessing if the corresponding authorization object is globally deactivated.

If you activate authorization objects that were previously deactivated, note that you may have to postprocess the authorization data for many roles.

If you reactivate authorization objects, these objects are not contained in any roles. In this case, call Transaction PCFG and choose Read old status and compare with the new data in the tab Authorizations in expert mode to generate profiles. Maintain any authorization values that are missing and then regenerate the profile.

You can transport the settings in Transaction AUTH_SWITCH_OBJECTS. During the transport, for reasons of security the system transports the inactive (saved) version of the deactivated authorization objects. You activate the deactivated authorization objects by choosing Authorization objects ® Activate data.