authorizations - self study exercise 1.pdf
TRANSCRIPT
At the conclusion of this exercise, you will be able to:
• Describe the components of the authorization object
• Create an Authorization Object Class and an Authorization Object
Authorization Objects are central in securing your SAP R/3 applications.
Authorization objects are used in both programs and transactions to secure
user activity.
Creating custom authorization objects would be required if your company
wanted to protect new development work and an SAP R/3 authorization
object was not available.
1-1 Display the authorization objects classified under the object class: MM: Master
Data (MM_G)
(Menu Path: Tools ABAP Workbench, Development Other Tools Authorization
Objects Objects)
1-1-1 How many authorization objects are there?
___________________________________________________
1-1-2 What is the authorization object M_MATE_STA used for?
___________________________________________________
1-1-3 What are the fields that are to be checked for the authorization object
M_MATE_STA?
___________________________________________________
1-1-4 Where are these fields defined so that they could be used by this
authorization object?
___________________________________________________
1-1-5 What are the available activities for the authorization object
M_MATE_STA as stated in the documentation for the object?
___________________________________________________
1-1-6 Verify this by reading the table TACTZ.
___________________________________________________
(Menu Path: Tools ABAP Workbench, Overview Data Browser)
2-1 Go to the Information System in the ABAP Workbench.
(Menu Path: Tools ABAP Workbench, Overview Information System)
2-1-1 Select the report on authorization objects. Expand each section by selecting
the folder icon.
Environment Authorizations Authorization Objects (Double-Click)
2-1-2 Enter the authorization object name M_MATE_STA, Press Execute Icon.
2-2 Select the authorization object and press the where used icon.
(Menu Path: Goto Where -Used List)
2-2-1 Is the authorization object being used in transactions?
___________________________________________________
2-2-2 Double click on some of the transactions to see what values the
authorization object fields are being checked for.
When an entry is left blank in the authorization check fields for
transactions, it is considered not relevant or <Dummy>. In this
case, the authorization check for starting MM06 will only verify that
the user has an authorization for activity 06 of this authorization
object.
2-2-3 Is the authorization object being used in programs?
___________________________________________________
2-2-4 Double click on some of the programs to see how the authorization object is
being used in the source code.
3-1 Create a custom Authorization Object Class and a custom Authorization Object.
(Menu Path: Tools ABAP Workbench, Development Other Tools Authorization
Objects Objects)
3-1-1 Create your own object class from the Object Class List screen:
Object Class Description
ZC## Group ## Object Class
Note: ##: Group number
Press ‘SAVE' when complete.
3-1-1 On the ‘Create Object Catalog Entry' pop-up screen enter development class
Z001.
The assignment to a development class allows this client
independent object to be recorded in a change request. This will
enable the object to be transported later to another system. You will
be asked for a change request number which can create by pressing
the ‘Create' icon, entering a description and pressing the ‘Save' icon.
3-2 Select your object class (Double-Click) from the Object Class List screen to enter
the Authorization Object List screen. Create your own Authorization Object:
Authorization Object Description
ZOBJ## Group ## Object
Note: ##: Group number
3-2-1 Assign the following fields to your authorization object. Press save when
complete.
ACTVT ( Activity )
BUKRS ( Company Code )
3-2-2 On the ‘Create Object Catalog Entry' pop-up screen enter development
class Z001.
You will be asked for a change request number. The change request
number created for the Authorization Object class should already be
displayed. Press the ‘Continue' button to get past the pop-up screen.
Unit: Roles
Topic: Creating Activity Group without Responsibilities
At the conclusion of this exercise, you will be able to:
• Create an Activity Group without Responsibilities
Various positions in your company require the capability to perform
transactions in the SAP R/3 system. Roles and Responsibilities should be
built to address the required authorizations for these positions.
A position in your organization has been defined for maintaining
materials. In this case, the activity requirements are unique to this
material maintenance position, thus an activity group without
responsibilities is required.
1-1 Create an Activity Group without responsibilities to support the material master
data transactions: MM01, MM02, MM03. From the Maintain Activity Group
screen, create an Activity Group: MAT##_AG
(Menu: Tools Administration, User Maintenance Roles)
1-1-1 When asked to create with responsibilities, select ‘No'.
1-1-2 Enter a description in the Activity Group Basic Data screen.
1-1-3 Save your Activity Group.
1-2 Go to the menu selection screen by pressing the Menu pushbutton.
(Menu Path: Goto Menu).
Continued on next page
1-2-1 Select the following transactions from the Company Menu:
Task Menu Path
Create a material record
(transaction MM01 ) Logistics Material Management Material
Master Material Create(General)
Immediately
Change a material record
(transaction MM02 ) Logistics Material Management Material
Master Material Change Immediately
Display a material record
(transaction MM03 ) Logistics Material Management Material
Master Material Display Display Current
You may confirm the transaction codes by turning on the technical
names (Menu Path: Edit Technical Names Technical Names ON)
1-2-2 Return to the Activity Group Basic Data screen.
1-3 Go to the Authorization Profile screen by pressing the Authorizations pushbutton.
( Menu Path: Goto Authorization Profile).
1-3-1 Enter the following organization level data:
Company code: 1000
Warehouse number: 001
Sales organization: 3000
Distribution Channel: 03
Plant: *
1-3-2 Review open authorizations (expand at yellow lights).
For this example, set the remaining fields to ‘Complete Authorizations'.
You would not normally do this. Each field must be properly
investigated. There should not be a case where complete
authorizations have been granted.
1-3-3 Generate the profile and assign the profile name Z:MATPG##.
(Menu Path: Authorizations Generate)
1-3-4 Review the profile name using: Menu Path: Authorizations Profile
Overview
1-3-5 Return to the Activity Group Basic Data screen.
Unit: Roles
Topic: Activity Group with Responsibilites
At the conclusion of this exercise, you will be able to:
• Create an Activity Group with Responsibilities
Multiple positions in your organization have been defined for maintaining
vendors for different company codes. In this case, the activity
requirements are similar for each position, however, different
authorization profiles are required for each position. This is due to each
position having acces to different Company Codes. An activity group
using responsibilities is required to meet this need.
1-1 Create an Activity Group with responsibilities to support the vendor master data
transactions: FK01, FK02, FK03. Responsibilities are required for maintianing the
company codes 1000 and 3000 seperately. From the Maintain Activity Group
screen, create an Activity Group: VEND##_AG
1-1-1 When asked to create with responsibilities, select ‘Yes'.
1-1-2 Enter a description in the Activity Group Basic Data screen.
1-1-3 Save your Activity Group.
1-2 Go to the menu selection screen by pressing the Menu pushbutton.
(Menu Path: Goto Menu).
1-2-1 Select the following transactions from the Company Menu:
Task Menu Path
Create a vendor record
(transaction FK01) Accounting Financial Accounting
Accounts Payable Master Records Create
Continued on next page
Change a vendor record
(transaction FK02) Accounting Financial Accounting
Accounts Payable Master Records
Change
Display a vendor record
(transaction FK03) Accounting Financial Accounting
Accounts Payable Master Records
Display
You may confirm the transaction codes by turning on the technical
names (Menu Path: Edit Technical Names Technical Names ON)
1-2-2 Save your work.
1-2-3 Return to the Activity Group Basic Datal screen.
1-3 Go to the Responsibilites screen by pressing the Responsiblities pushbutton. (Menu
Path: Goto Responsibilities) Create a Responsibility for vendor maintenance of
company code 1000:VND##_1000 (Menu Path: Responsibility Create).
1-3-1 Maintain the Authorization Profile for the Responsibility: VEND##_1000.
(Cursor must be on a responsiblility)
Menu Path: Goto Authorization Profile
1-3-2 Enter the following organization level data:
Company code: 1000
1-3-3 Review open authorizations (expand at yellow lights).
For this example, set the remaining fields to ‘Complete
Authorizations'.
You would not normally do this. Each field must be properly
investigated. There should not be a case where complete
authorizations have been granted.
1-3-4 Save your work.
1-3-5 Generate the profile and assign the profile name RY:##_1000.
(Menu Path: Authorization Generate)
1-3-6 Return to the Responsibilites screen.
1-4 Create a Responsibility for vendor maintenance of company code 3000:
VND##_3000
1-4-1 Maintain the Authorization Profile for the Responsibility: VEND##_3000.
1-4-2 Enter the following organization level data:
Company code: 3000
1-4-3 Review open authorizations (expand at yellow lights).
For this example, set the remaining fields to ‘Complete Authorizations'.
1-4-4 Generate the profile and assign the profile name RY:##_3000.
1-4-5 Return to the Responsibilites screen.
Unit: Roles
Topic: Templates
At the conclusion of this exercise, you will be able to:
• Create a Template
• Assign a Template to a user
All users may be required to perform the same functions, such as printing,
trouble shooting transactions, etc. Create a template that you can use
when defining new users.
1-1 Create a template to grant access to standard user transactions and authorization
objects.
1-1-1 Create a template: GR##_TMPL. The template should allow the user to
start the following basic transactions: SU3, SES0, SU53, SU56, SP01. You
require the S_TCODE authorization object for this.
1-1-2 The template should allow the user to be able to print to the local printer.
Use the template Print Authorizaitons (SAP_PRINT) for this.
(Menu path: Edit Insert auth. From template).
Ask the instructor for the local printer name.
Complete the authorization for the authorizaiton object S_SPO_ACT (Use
complete authorization for the remaining field)
1-1-3 Save your template.
1-1-4 On the ‘Create Object Catalog Entry' pop-up screen enter development class
Z001
You will be asked for a change request number. The change request
number you created in a previous exercise should already be
displayed. If not, select it by pressing the ‘Own Requests' button.
Press the ‘Continue' button to get past the pop-up screen.
2-1 Add the template authorizations to the Roles and responsibilities you have created.
Maintain the Activity Group MAT##_AG.
2-1-1 Go to the authorization profile view.
2-1-2 Insert the template GR##_TMPL and review the authoirzaitons
2-1-3 Review the authorization profile values.
2-1-4 What is different in the authorizations listed below the S_TCODE
authorization object?
___________________________________________________
2-1-5 What can be done about this?
___________________________________________________
2-1-6 Regenerate the profile.
2-2 Maintain activity group VND##_AG and repeat the process in 2-1 for
responsibilities VND##_1000 and VND##_3000.
Unit: User Administration
Topic: Creating User Administrators
At the conclusion of this exercise, you will be able to:
• Create a user group
• Create an activity group to grant authorizations for user maintenance
within your user group
• Create a user administrator ID for your user group
User administrators take care of most tasks concerning user accounts.
Tasks can be delegated based on the activities that can be performed on
specific user groups.
1-1 Create a new user group for your users.
(Menu Path: Tools Administration, User mainenance Users, Environment User
Groups)
1-1-1 Create user group ZGROUP##.
1-1-2 Save your work.
2-1 Create an Activity Group to for user administration activities.
2-1-1 From the Maintain Activity Group screen, create an Activity Group:
ADM##_AG
(Menu Path: Tools Administration, User maintenance Roles)
2-1-2 When asked to create with responsibilities, select ‘No'
2-1-3 Enter a description in the Activity Group Basic Data screen.
2-1-4 Save your Activity Group.
2-2 Go to the authorization profile screen by pressing the Authorization pushbutton.
(Menu Path: Goto Authorization Profile)
2-2-1 Select the template SAP_ADM_US
2-2-2 Enter the following organization level data, if requested:
Plan Version: 01
If a plan version has been assigned via implement guide, it will not
be requested. This is also true for certain other organizational level
fields.
2-2-3 Review authorizations, and assign the values stated for each of the
following authorization objects:
Authorization Object: S_USER_GRP
Field Name Value
ACTVT ( Activity ) 01
02
03
06
08
User Group ZGROUP##
Authorization Object: S_USER_PRO
Field Name Value
ACTVT ( Activity ) 03
22
Profiles *
Authorization Object: PLOG (Human Resources)
Field Name From To
Object Type O
C
P
T
S
A
US
RY
Authorization Object: S_USER_AUT: Inactive
Remaining open values can be set to complete authorizations.
2-2-4 Save your work.
2-2-5 Generate the profile and assign the profile name S:USRADM##.
(Menu Path: Authorization Generate)
3-1 Create a User Administrator: USRADM##
(Menu Path: Tools Administration, User Maintenance Users)
3-1-1 Fill out the required fields, and assign the user to user Group: SUPER.
3-1-2 Assign the Activity Group ADM##_AG to the user.
3-1-3 Select ‘Task Profile' view.
3-1-4 Select ‘Add' within the ‘Task Profile' View.
3-1-5 Select Activity Group.
3-1-6 Enter Activity Group name ADM##_AG
The profile(s) related to the activity group will automatically be
inserted / removed when you press enter.
3-1-7 Go to the Profiles view. What profile has been inserted?
___________________________________________________
3-1-8 Save the user ID.
3-2 Login to the system using your new user administrator: USRADM##.
3-2-1 Create a sample user ID: SAMPLE##.
3-2-2 Fill the required fields and assign the user group: ZGROUP## . Go to the
Logon data view to assign user groups.
3-2-3 Save the user ID.
3-3 Once you've created the user, can you:
3-3-1 Change the user's password?
3-3-2 Lock the user?
3-3-3 Attempt to maintain another groups SAMPLE## user. Are you successful?
___________________________________________________
4-1 Create the following User ID's to be used later on:
NOTE: Do NOT assign any task profiles to these users!
4-1-1 Material Master User.
User ID: MAT##
User Group: ZGROUP##
4-1-2 Vendor Master User for Company 1000.
User ID: VEND##_C1
User Group: ZGROUP##
4-1-3 Vendor Master User for Company 3000.
User ID: VEND##_C3
User Group: ZGROUP##
Unit: Case Studies
Topic: Controlling Configuration Tables
At the conclusion of this exercise, you will be able to:
• Control access to tables via the standard maintenance tools: SE16,
SM30, and SM31 using Table authorization groups
Authorization Groups are used to control large groups of data that needs
to be secured. Examples of authorization groups are: Table Authorization
Groups, Material Authorization Groups, Document Authorizaiton Groups.
Program Authorization groups. These Authorization Groups are typically
maintained via the Implementation Guide (IMG).
1-1 Create authorizations so that a user can view specific tables in transaction SE16.
The user needs the ability to display two tables: the company code table and the
business area table. Those table names are V_T001 (company code) and V_TGSB
(business area). Read the documentation for the authorization object S_TABU_DIS
(Object Class: Basis Administration).
(Menu Path: Tools ABAP Workbench, Development Other Tools Authorzations
Objects)
1-1-1 What does the documentation say about S_TABU_DIS? (Object Class:
Basis:Administration)
___________________________________________________
1-1-2 What activities are allowed?
___________________________________________________
1-1-3 What is table TDDAT?
___________________________________________________
1-2 Find the authorization group assigned to table V_T001 and V_TGSB.
1-2-1 Go to the data browser (Transaction SE16).
(Menu Path: Tools ABAP Workbench, Overview Data Browser)
1-2-2 Enter table TDDAT and press on the table contents square button.
1-2-3 In the TABNAME field enter V_T001. Press the execute button. Note the
authorization group in the CCLASS field.
1-2-4 Repeat for TABNAME V_TGSB. Note the authorization group in the
CCLASS field.
1-3 Create the Activity Group SAMPLE##_AG
1-3-1 Go to the menu selection screen by pressing the Menu pushbutton. Select
the following transactions from the Company Menu:
Task Menu Path
Data Browser (transaction
SE16 ) Tools ABAP Workbench, Overview
Data Browser
1-3-2 Save your work.
1-3-3 Return to the Activity Group Detail screen.
1-4 Go to the authorization profile screen by pressing the Authorization pushbutton.
Review open authorizations. Assign the following values for the authorization
object S_TABU_DIS:
Authorization Object S_TABU_DIS
Field Name Value
ACTVT ( Activity ) 03
Authorization Group FCOR
1-4-1 Insert authorizations from your template GR##_TMPL
(Menu Path: Edit Insert Authorizations Template)
1-4-2 Save your work.
1-4-3 Generate the profile and use the default name for the profile.
(Menu Path: Authorizations Generate)
1-4-4 Return to the Activity Group detail screen.
1-5 Go to the Agent assignment screen by pressing the Agent Assigment pushbutton.
Assign the profile to the sample user: SAMPLE##.
1-5-1 Update the user master record.
(Menu Path: Authorizations Compare User Master)
1-6 Login as SAMPLE##. Go to SE16 and answer the following questions:
1-6-1 Can you display table V_T001? Why?
___________________________________________________
1-6-2 Can you change table V_T001? Why?
___________________________________________________
1-6-3 Can you display table V_TGSB? Why?
___________________________________________________
1-6-4 Can you change table V_TGSB? Why?
___________________________________________________
1-6-5 Can you display table V_TVKO? Why?
___________________________________________________
Unit: Case Studies
Topic: Controlling Program Access using Reporting Trees
At the conclusion of this exercise, you will be able to:
• Control program access using reporting trees
Reporting trees are utilized to allow users to execute reports, and save
lists. Nodes in a reporting tree can be protected using program
Authorization Groups, checked against the authorization object
S_PROGRAM.
Reporting trees can also be made available to web pages. This would
allow an internet user, after supplying a SAP R/3 login, to launch reports
via the web. ABAP programs can only be executed via the web if an
authorization group has been assigned to the attributes. SAP R/3
programs may be assigned authorization groups via the programs
RSCSAUTH and RSABAUTH.
1-1 From the CA940-## user ID, use transaction SERP to change the report tree for
your group number. You wish to grant the user access to only part of the tree, and
take away the access from the rest:
Table TR-1
Group Application Transaction
code
Report
Tree
1 Cash Budget Management FMRB FMCB
2 Consolidation GC50 FILC
3 Controlling orders KOC2 OPA1
4 Cost & Revenue Element Accounting KALM RCL1
5 Cost Center Acct'g KSBB RKS1
6 Customers F.99 FIAR
7 General Ledger F.97 FIGL
8 Investm.Mgt. IMI0 IMFA
9 Profit.Center Acct'g KE5A PCA1
Continued on next page
10 Project information system CJR1 PS01
11 Spec.Purp.GL GD00 FISL
12 Vendors F.98 FIAP
1-1-1 Double-click on the first line of the tree.
1-1-2 From this “Change Nodes” screen, go to the node attributes.
(Menu path: Node Attributes)
For the "New" group name enter UNAUTH. Hit enter then save.
1-1-3 Go back to the main screen: ‘Change Report Tree'
1-1-4 For one of the lower level nodes, perform the same procedure as above and
set the authorization group name to GRP##.
1-2 Modify your activity group SAMPLE##_AG.
1-2-1 Go to the menu selection screen by pressing the Menu pushbutton.
1-2-2 Select the following transactions from the Company Menu:
Task Menu Path
Transaction Code from
Table RT-1
???
Find your transaction code using the find utility (the binoculars in
the top toolbar)
Select this transaction by clicking on the checkbox to fill it in and set
the traffic light to green.
1-2-3 Return to the Activity Group Detail screen.
1-3 Go to the authorization profile screen via the selection screen.
(Menu path: Goto Authorization Profile w/ Selection)
The text below the authorization pushbutton will indicate that the profile needs
to be merged.
1-3-1 Select: Read old data and merge with new.
This allows you not to lose any previous authorizations that have
been assigned, and inherit the new authorizations based on:
New Menu Selections
New information in the configuration tables
1-3-2 You need to insert the S_PROGRAM authorization object manually.
(Menu path: Edit Insert auth. Insert manually).
1-3-3 From the Authorization Profile screen, find this “Manual” object and the
following field values:
Authorization Object S_PROGRAM
Field Name Value
Action SUBMIT
VARIANT
Authorization Group GRP##
1-3-4 Save your work.
1-3-5 Regenerate the profile.
1-4 Logoff the SAMPLE## user and log back on to get this new authorization (the
profile is already assigned to the user).
1-4-1 Test your reporting transaction by entering the transaction code for the your
reporting tree transaction (Table RT-1)
1-4-2 Try executing a report under the node you have assigned the program group
‘UNAUTH'.
Use transaction code SU53 and check which authorization check
failed.
1-4-3 Try executing a report under the node you have assigned the program group
‘GRP##' to.
If the report failed to run, use SU53 to see what additional
authorization is required. The message should be for an object other
than S_PROGRAM for group UNAUTH.
You have been granted access to navigate to the report via the report
tree, but may require additional authorization to run the report itself.
Unit: Case Studies
Topic: Structured Authorizations using an Organizational
Plan
At the conclusion of this exercise, you will be able to:
• Create an organizational plan
• Assign users to your organizational plan
• Assign Roles and responsibilities to your organizational plan
Structured authorizations can be used whether you have implemented the
Human Resources module or not. This solution allows the security team
to concentrate on assigning the appropriate authorizations to positions in
an organization, and not directly to users. This forces the business
community to properly define the roles and positions of all users in an
organization.
1-1 Create an organizational structure for your organization.
(Menu Path: Tools SAP Business Workflow Oranizational Plan, Simple
Maintenance Organizational Plan Create)
1-1-1 Create an organization unit Z##ORGPLAN.
1-1-2 Create subsidiary organizational units: (Select ‘Create' Icon)
Z##DepMAT
Z##DepVND
Z##DepADM
1-2 Go to the Staff Assignments View to create positions for your organizational units.
(Menu Path: Goto Staff Assignments)
1-2-1 Create a position Z##PosMat for your organizational unit Z##DepMAT.
Select ‘Create Position' while having your cursor on the org. unit
Z##DepMAT.
Normally, a job would be created and have multiple positions
assigned to it. If you ignore the warning message, the system will
allow you to create the postion without a job.
1-2-2 Create a position Z##Vnd1000 for your organizational unit Z##DepVND.
1-2-3 Create a position Z##Vnd3000 for your organizational unit Z##DepVND.
1-2-4 Create a position Z##PosAdm for your organizational unit Z##DepADM.
1-3 Assign the following holders to the positions as listed. Select ‘Assign Holder' while
having your cursor on the appropriate position.
User Position
MAT## Z##PosMat
VEND##_C1 Z##Vnd1000
VEND##_C3 Z##Vnd3000
USRADM## Z##PosAdm
1-4 Go to the Task Assignments view and assign the following responsibilities and
Roles to your positions:
1-4-1 Select ‘Task Profile' while having your cursor on the appropriate position.
1-4-2 From the Create Task screen, select ‘Assign Task' for Roles and ‘Assign
Responsibility' for Responsiblities.
Position Type Name
Z##PosMat Task MAT##_AG
Z##Vnd1000 Responsibility VND##_1000
Z##Vnd3000 Responsibility VND##_3000
Z##PosAdm Task ADM##_AG
1-5 Display the activity group MAT##AG.
1-5-1 Go to the Agent Assignment screen.
1-5-2 What is the activity group assigned to?
1-5-3 Perform the User Master Update to update the user record.
Note that the association of the activity group to the position has
already been maintained. This, however, does not effect the User
Master Records directly. So far, only the object relationships have
been maintained in the infotypes. The User Master Record must be
reconcoliated to receive the new profile assignment.
1-6 Display the activity group VEND##_AG
1-6-1 Go to the Responisbilites screen.
1-6-2 What are the responsibilities assigned to?
1-6-3 Perform the User Master Update to update the user record.
1-7 Display the activity group ADM##_AG
1-7-1 Go to the Agent Assignment screen.
1-7-2 What is the activity group assigned to?
1-7-3 Remove the direct assignment to user USRADM##.
1-7-4 Perform the User Master Update to update the user record.
Typically, you would execute the user master update program once,
without specifying an Activity Group. This would update all users
in the current client. Use transaction PFUD for this process.
Unit: Specialized Administration Topics
Topic: Troubleshooting Tools
At the conclusion of this exercise, you will be able to:
• Use the trouble shooting tools SU53 and SU56 to verify failed
authorization and user buffer contents.
1-1 Logon as your users and attempt to use the transactions they are authorized to.
1-1-1 Logon as: Vendor Master User for Company 1000. User ID:
VEND##_C1.Create a vendor using transaction FK01.
Use the following information: Vendor number 10##, Company Code: 1000.
Enter all required fields, press ‘Save' when complete.
1-1-2 Were you successful?
___________________________________________________
1-2 Logon as: Vendor Master User for Company 3000. User ID VEND##_C3. Try to
change the vendor, using transaction FK02, created by user VEND##_C1.
1-2-1 Were you successful?
___________________________________________________
1-2-2 What was the missing authorization and values?
___________________________________________________
1-3 Logon as: Material Master User. User ID: MAT##
1-3-1 Try to change an existing material using MM02. Were you successful?
___________________________________________________
1-3-2 Try to display a vendor using transaction FK01. Were you successful?
___________________________________________________
1-3-3 What are the contents of the user buffer?
___________________________________________________
Unit: Specialized Administration Topics
Topic: Transport And Control
At the conclusion of this exercise, you will be able to:
• Add Roles to Change Requests for transporting
1-1 Manually assign your Roles to a transport.
1-1-1 Go to the Roles Maintenance screen
Menu Path: Tools Administration, User Maintenance Roles
1-1-2 Enter the activity group MAT##AG and press the ‘Transport' Icon.
1-1-3 Create a new Change Request and note the number.
__________________________________________________
1-1-4 Enter the activity group VEND##_AG and press the ‘Transport' Icon. Use
the same Change Request as in 1-1-3.
1-1-5 Enter the activity group ADM##_AG. Use the same Change Request as in
1-1-3.
1-1-7 What is another mechanism for adding Roles to a change request?
___________________________________________________
1-1-8 Why were change requests not automatically requested for the Roles you
created initially?
2-1 Go to the Transport Organizer and view the Workbench Organizer to look at the
open requests.
(Menu Path: Tools Administration, Transports Transport Organizer)
2-1-1 Press ‘Workbench Organizer'. What objects are to be transported?
___________________________________________________
2-1-2 Return to the Transport Organizer
2-2 View the Customizing Organizer and look at the open requests.
2-2-1 What objects are to be transported?
___________________________________________________
Unit: Specialized Administration Topics
Topic: Information System/ Audit Information System
At the conclusion of this exercise, you will be able to:
• Execute reports in both Information System and Audit Information
System
1. Execute various programs in both the Information System and the Audit Information
System.