Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SU24 vs PFCG

Go to solution
Former Member

‎2019 Jul 16 9:00 AM

0 Likes
2,846

SU24 vs PFCG

Hi experts,
I have three questions to Tr-Cd SU24.

1. What is the difference between SU24 and PFCG?
2. What can we do with SU24?
3. Could you explain what "Authorization Default Values" are?

I hope somebody will help me because I'm new to SAP.
Thank you.

Taichiro

1 ACCEPTED SOLUTION
Read only

Go to solution
kaus19d
Active Contributor

‎2019 Jul 16 10:44 AM

0 Likes
2,203

Hi,

The role of SU24 is a bit big to explain here. PFCG is for creating various roles & maintaining roles, like customised Z or Y roles, also for assigning to user & Role generation. Possibly for starting, the below links can give you some more details & idea on those Security Topics,

https://answers.sap.com/questions/4944227/to-use-su24-or-to-not-use-su24-that-is-the-questio.html

https://help.sap.com/doc/saphelp_nw73/7.3.16/en-US/f7/d122a06a95448d9053e933354bd809/content.htm?no_...

https://blogs.sap.com/2016/08/24/what-is-authorization-and-how-to-use-authorization-properly/

Thanks,

Kaushik

5 REPLIES 5
Read only

Go to solution
chris_wake
Participant

‎2019 Jul 16 10:33 AM

0 Likes
2,203

Please look at ADM940 that will answer your questions.

Read only

Go to solution
Former Member
In response to chris_wake

‎2019 Sep 03 1:22 AM

0 Likes
2,203

Sorry for the late reply. I appreciate your answer!

Read only

Go to solution
kaus19d
Active Contributor

‎2019 Jul 16 10:44 AM

0 Likes
2,204

Hi,

The role of SU24 is a bit big to explain here. PFCG is for creating various roles & maintaining roles, like customised Z or Y roles, also for assigning to user & Role generation. Possibly for starting, the below links can give you some more details & idea on those Security Topics,

https://answers.sap.com/questions/4944227/to-use-su24-or-to-not-use-su24-that-is-the-questio.html

https://help.sap.com/doc/saphelp_nw73/7.3.16/en-US/f7/d122a06a95448d9053e933354bd809/content.htm?no_...

https://blogs.sap.com/2016/08/24/what-is-authorization-and-how-to-use-authorization-properly/

Thanks,

Kaushik

Read only

Go to solution
Former Member
In response to kaus19d

‎2019 Sep 03 1:19 AM

0 Likes
2,203
I really apologize for the late reply. Thank you for your answer!
Read only

Go to solution
former_member653265
Explorer

‎2020 Jan 09 1:43 PM

0 Likes
2,203

SU24 provides the transaction versus corresponding authorization objects(along with fields) to be checked when assigned to the role(USOBT_C and USOBX_T information). The values defined in su24 are pulled when the roles are generated by considering it as by default. You can change the values in the given field if required.

SU24 is for the information on what objects, fields, and field values are checked while designing a role. Also if required the objects, fields and field values can be added to make the transaction authorizations as default.

PFCG: This transaction allows us to create a role (single, composite, derived, etc). It contains transactions, services, objects, etc. When generated, it creates a profile. These generated roles when assigned to the user, the user will be able to execute the transactions as per the business needs.