2007 Apr 10 2:23 PM
Hi,
We have added a new company code to our existing production environment. Now we need to give authorization for all the users to access this company code, using various transaction codes. Is there any short way of doing this? or we need to identify the Roles which is having this authorization and change it one by one.
Thanks
Anil
2007 Apr 10 2:30 PM
Hi anil,
Identify the role which has the BUKRS authorization object. And write a SCAT/SECATT script to add the new company code at once.
Please visit the following site:
http://www.sapecc.com/tutorials/secat.htm for SECATT
http://www.sapsecurityonline.com/tutorials/scat.htm for SCAT.
Hope it helps.
Please award points if it is useful.
Thanks & Regards,
Santosh
2007 Apr 10 2:42 PM
Hi Anil,
Basically, your role structure should be based on derived role in order to make likewise changes within short time,
If there is any parent role you maintain, just create a new role derived from this parent role and change organisational elements once. All the related authorizations in that role will be changed according to company code you mentioned in organisational elements.
If you do not maintain derived roles, then probably it would be really difficult and time consuming activity to make changes every time.
CATT enables you to record actions that you perform in SAP and execute these actions repeatedly in the system with variable data. But it cannot be an alternative for structured authorizations.