SECMENDO.authority_generator

Optimize SAP authorizations

Customize SAP roles based on an SAP authorization trace

Release Notes

Customized roles and authorization on a tap

 

IBsolution_Bewerbungsprozess-1

Efficient generation of SAP roles

IBsolution_preparation

Change SAP authorizations easily and automatically

IBsolution_Download

Reduction of historically grown roles to the essential

Create SAP roles quickly, easily and precisely

Who hasn't? Your department expects you to create complex SAP authorizations without having been sufficiently informed about the business context. This often leads to errors and time-consuming work, which slows down the development process of PFCG roles.

On the other hand, there are also users who have too extensive SAP authorizations. These may contain critical SAP authorizations and SoD conflicts. If these are technical users, this situation poses a high security risk. If the user is hijacked, there is often unrestricted access to a large number of connected systems.

To minimize these risks, it is recommended that you develop PFCG roles from an SAP authorization trace. This is often time-consuming and error-prone due to the many manual entries. An SAP authorization trace can contain hundreds of authorization objects, each of which can have up to ten values. There are also various options for assigning an asterisk to authorizations to speed up the process. It quickly becomes apparent that with a large SAP authorization trace, the development of compliance-compliant PFCG roles can take hours.

SECMENDO.authority_generator creates custom-fit SAP roles fully automatically in just a few steps. It imports an SAP authorization trace of the type STAUTHTRACE and ST01 and creates a role file with the SAP authorizations required by the user after a few manually entered parameters.

In addition, an existing PFCG role can be extended with a trace and regenerated. If you want to revise existing roles, for example with many manual authorization objects, you can regenerate the role in the SAP standard by selecting a predefined SAP standard SU24, or by uploading a customer-specific SU24.

This speeds up the adjustment of the authorizations of the roles enormously, especially during an upgrade or release change, since the PFCG roles are simply regenerated with the new authorizations and those of the old role. The role can be configured as required using the input parameters and then only needs to be imported into the PFCG.

SAP roles are thus created or changed within a few minutes.

register here
SECMENDO authority_generator SAP System Import

Fast creation of tailored SAP authorizations

  • Execute SAP authorization trace

  • Import Trace into SECEMENDO.authority_generator

  • Generate SAP roles

  • Import role file into SAP system

  • Done

SECMENDO.authority_generator_Role_design

Increased security in SAP authorizations

  • Job-related creation of SAP authorizations based on a trace

  • Remove unused SAP authorizations from the role

  • The role now only contains SAP authorizations that are really needed

Price Plan

usage based

start for free

register now

Annual License

from 300 EUR p.a.

Ask for a proposal

A selection of our customers

Want to know more about SECMENDO.authority_generator?

Please fill ou and submit the form. We'll get back to you as soon as possible.