One of the major motivations for moving to RISE with SAP S/4HANA, is to upgrade more frequently to keep taking advantage of the latest innovations, such as new apps, new processes, process improvements, and new clean core extension options. 

Executing a SAP S/4HANA upgrade means dealing with lifecycle changes, such as when apps and UIs are replaced by successors as explained in SAP Fiori for SAP S/4HANA – Upgrade Faster – Managing app lifecycle impacts on users. To shorten your upgrade time, you will want to deal with these lifecycle changes as efficiently as possible.

For example, say you are preparing for upgrading from your source release SAP S/4HANA 2020 FPS02 to your target release SAP S/4HANA 2023 FPS01.  As you start to plan your upgrade, some very important questions are:

• Why should we amend our existing custom SAP Fiori business roles with obsolete or deprecated apps?
• How can we prepare for amending our custom SAP Fiori business roles in our source release
• When should we amend our existing custom SAP Fiori business roles in our target release

IMPORTANT: This blog post is relevant for customers running SAP S/4HANA Cloud Private Edition.  For example customers running RISE with SAP S/4HANA Cloud Private Edition, or SAP S/4HANA Cloud Private Edition tailored option. This blog post is also relevant for customers running the SAP S/4HANA product on other infrastructure such as on-premise server or hyperscaler.

Keep in mind that obsolete and deprecated apps includes both:

• SAP Fiori apps ***and***  
• classic UIs such as GUI transaction codes, Web Dynpro ABAP applications, and Web Client UIs.

In practice, updating custom business roles within your SAP S/4HANA Upgrade project involves 6 activities - 3 in your source system and 3 in your target system. These activities are mostly well-covered in the SAP S/4HANA upgrade guide for your target release and related reference materials such as the SAP Fiori Overview guide section Upgrade Support of SAP Fiori for SAP S/4HANA.

Recent customer experiences suggest that one of these activities is not well understood, i.e. How to efficiently amend your existing custom business roles in your target SAP S/4HANA release.  This is perhaps not surprising, due to the number of new tools your team has needed to learn.  The tools have been progressively revised and improved across several SAP S/4HANA releases to optimize maintenance of launchpad content and layout.

In the companion blog post SAP Fiori for SAP S/4HANA – Upgrade Faster – How to amend Roles with Obsolete or Deprecated Apps, you will find a step-by-step example of a best practice approach for amending your custom business roles as part of your upgrade project.   

You will find below:

• Why you need to amend roles as part of your upgrade
• Overview of the Upgrade process for SAP Fiori roles
• Prerequisite activities in your Source release of SAP S/4HANA
• When to amend your custom business roles with obsolete/deprecated content
• Subsequent activities in your Target release of SAP S/4HANA
• FAQ

IMPORTANT: Since you are most likely moving to SAP S/4HANA 2023 FPS01 or higher, the example is focused on the latest tools available with SAP S/4HANA 2023 FPS01. Most of these tools have been available since SAP S/4HANA 2020 and some since SAP S/4HANA 1709, so if you are currently upgrading to SAP S/4HANA 2022, you can still follow much the same process.

Why you need to amend roles as part of your upgrade

With each SAP S/4HANA release or Feature Pack Stack upgrade, you can expect some apps to be deprecated or become obsolete. Usually deprecated and obsolete apps have successors that replace the deprecated/obsolete apps with new and improved features.  

• Obsolete apps must not be used in your target SAP S/4HANA release.
  • They have usually been removed from your target SAP S/4HANA release/FPS.

• Deprecated apps should not be used in your target SAP S/4HANA release.
  • The apps still exist and are still supported however they will be made obsolete in an upcoming release. You should move to successors as soon as possible. 
  • As a minimum, during your upgrade you should make the successors available to aid the evaluation of successors, and to speed transition to these successors.
  • Worth Knowing: Moving to the successor early simplifies and speeds up your next upgrade, as it reduces the numbers of obsolete apps you will need to resolve on your next upgrade.

For more information refer to: SAP Note 3252435 - SAP recommendation on deprecated apps and  SAP Fiori for SAP S/4HANA – Upgrade Faster – Managing app lifecycle impacts on users

If you do NOT resolve obsolete and deprecated efforts, you risk increased effort, unplanned rework, and stress for your current technical upgrade project due to errors, warnings, and missing technical objects (tiles, apps, UIs, services, CDS Views, etc.).

Depending on what has changed, you are likely to experience impacts on:

• Custom security roles
• Custom in-app extensions (on-stack key user and developer extensions)
• Regression testing

In some cases, it may even impact:

• custom-built analytics
• custom-built integrations
• side-by-side extensions

For example, where an extension built with SAP Build Process Automation relies on the existence of a certain app/UI; or where an integration relies on the existence of a certain OData service, or CDS View.

These changes can impact many across your upgrade project team including your technical team, functional consultants/subject matter experts, and business users involved in regression testing.

Commonly experienced impacts on your basis administrators, launchpad content administrators, and security authorization experts when executing post-upgrade activities include:

• “Service does not exist” errors because an app is obsolete
• “No descriptor found” errors because an app is obsolete
• “Tile definition is missing in the target mapping” errors because an app is obsolete
• “Target mapping does not exist” because the original entry for an obsolete app no longer exists
• “Catalog does not exist” because an obsolete catalog has been removed
• “Reference Lost to Backend Catalog” errors because the reference to an obsolete app has been removed
• “Transaction does not exist” because the referenced transaction code for a SAP GUI transaction or a SAP Fiori app no longer exists

Commonly experienced impacts on business users doing regression testing include:

• “Reference Lost” errors on tiles because an obsolete app is no longer available
• Missing tiles because an app no longer exists
• User confusion over which app to use because a deprecated app is usually marked as “deprecated” on the tile itself
• Lost time in resolving security authorization changes
• Support contention when raising SAP Incidents, because an obsolete app is no longer supported.

IMPORTANT: You only need to amend custom business roles and custom business catalogs. Only SAP can amend business roles and business catalogs in the SAP namespace.

Overview of the Upgrade process for SAP Fiori business roles

There are 6 activities within your upgrade project that cover the entire end-to-end procedure to update all your security roles, including your custom business roles. You can see these activities in the diagram below. There are:

• 3 prerequisite activities in your source SAP S/4HANA release BEFORE you upgrade to capture your current role/app usage and evaluate expected upgrade impacts
• 3 subsequent activities in your target SAP S/4HANA release DURING your upgrade, where you amend and regenerate your roles ready for regression testing.

Step 4 is highlighted as customer experiences suggest that this step is not well understood.  You can find a step-by-step example of how to work through these changes in blog post SAP Fiori for SAP S/4HANA – Upgrade Faster – How to amend Roles with Obsolete or Deprecated Apps 

You can find additional recommendations for avoiding problems on upgrade in SAP Note 3226560 - SAP Fiori Launchpad: Preventing and Mitigating Lost References after an Upgrade

Prerequisite activities in your source release of SAP S/4HANA

Upgrade work starts with some discovery of what changes will impact on upgrade. You need to gather information from source release to do this. These 3 activities include:

1. Get the tools you need by making sure the Fiori Foundation Administrator role is active and assigned.

The Fiori Foundation Administrator role grants the current launchpad content administration layout tools to your administrator. You can even access the tools using the SAP Fiori launchpad.

The easiest way to activate the Fiori Foundation Admin role, is to run the task Generate Fiori Foundation Roles in task list SAP_FIORI_FOUNDATION_S4.  If you have run the task list previously, but did not set up the Foundation roles, you can skip (i.e. deselect) all other tasks, and just run the “Generate Fiori Foundation Roles” task alone. Refer to SAP Note 2712785 - Fiori Setup: Initial Setup for Fiori Applications S/4 and see an example at  Activating SAP Fiori Launchpad Using Fiori Foundation Task List - SAP S/4HANA User Experience

2. Inspect the Apps and UIs in the source system.   

If you are on SAP S/4HANA 1909 SPS04 or SAP S/4HANA 2020 FPS01 or higher, you can use the Launchpad Content Aggregator to gather the content of your current business roles.  Refer to Analyzing Launchpad Content and SAP Fiori for SAP S/4HANA – Upgrade Faster - More use cases for Launchpad Content Aggregator

If you are coming from a lower release you will need to consolidate the information using the Launchpad Content Manager Client-Specific for SAP S/4HANA 1709 or higher.  

You will need to create a single column comma separated file (suffix .CSV) containing the technical ids of all the apps and classic UIs you are using in your SAP S/4HANA source system.  This file is used to run the upgrade impact analysis which is the next activity.

3. From the SAP Fiori apps reference library, run the SAP Fiori Upgrade Impact Analysis.

You input your source system list of apps and classic UIs. The analysis will return a list of obsolete and deprecated SAP Fiori apps and classic UIs and their successors.  Refer to SAP Fiori for SAP S/4HANA – Upgrade Impact Analysis.

Hint: If you have not made a final decision on your target release/FPS you can even check the impact against different target releases. 

IMPORTANT: Keep the results from your Upgrade Impact Analysis.  You will need these to amend your business roles in your target release, especially the Additional Information column which includes related SAP Notes that identifies successors.  The simplest way to keep the results is to login to the SAP Fiori apps reference library and save the results against your user id. You can also download the results (look for the download icon for each tab) to keep a copy offline.

When to amend custom business roles with obsolete/deprecated content

The best time to avoid errors and rework is to amend your custom role before the upgrade steps:

• Execute follow-on activities for SAP Fiori
• Update Default Authorization Values and PFCG Roles

You can see an overview of the process to amend custom business roles below.  A step-by-step example of the process can be seen in the blog post SAP Fiori for SAP S/4HANA – Upgrade Faster – How to amend Roles with Obsolete or Deprecated Apps.

IMPORTANT: You only need to amend custom business roles and custom business catalogs. Only SAP can amend business roles and business catalogs in the SAP namespace.

Subsequent activities in your target release of SAP S/4HANA

There are 3 activities to complete amending roles in your SAP S/4HANA target release.

4. Amend custom business roles with obsolete/deprecated content

You need to replace obsolete/deprecated content with their successors.

5. Execute follow-on activities for SAP Fiori.

Before using your launchpad content, you will need to update the relevant caches and indexes that hold the technical objects.  While this can be done at any time, it needs to be done at least once prior to regression testing.

6. Update Default Authorization Values and PFCG Roles

After removing obsolete and deprecated content, you are ready to adjust data authorizations and then regenerate your custom roles.

As a minimum, for any custom business roles you have changed, you must update the application groups assigned to the role. This step is typically performed by your security administrator, by running transaction SU25 step “Update of Application Groups in Role Menus (2d)”.

Hint: Alternatively you can also run this step from transaction STC01 using the task list SAP_FIORI_FCM_CONTENT_ACTIVATION by selecting task “Update Role Menu”. Or you can run the program PRGN_COMPARE_ROLE_MENU directly from transaction SA38.

Remember that you may need to run transaction SU25 for other security roles, not just custom business roles.

For example, you may have classic security roles for users who work primarily in SAP GUI, such as administrators and configuration experts.  These security roles may also be impacted by obsolete transactions.  You can use additional features in transaction SU25 to remediate these roles, such as Editing of Obsolete Transactions in Role Menus (2d).

IMPORTANT: For more information refer to the program documentation of transaction SU25.  This documentation will be up-to-date for your SAP S/4HANA release.  Select the button Information about transaction to see the detailed program documentation.

The program documentation explains all the steps available. Shown below is a fragment of the program documentation in SAP S/4HANA 2023 FPS01.

For a broader understanding of authorizations, refer to section Maintaining Authorizations in Roles for Productive Use of the guide Managing Users, Roles and Authorizations in the SAP Help for the ABAP Platform.

Some other useful references for your security administrator:

• SAP Note 3431747 - SU25 upgrade post processing required.
• SAP Note 440231 - SU25 | FAQ: Upgrade postprocessing for Profile Generator
• Getting back to Standard Proposals with SU24 Authorisation Variants
• SAP Fiori for SAP S/4HANA –Finding authorization objects for SAP Fiori apps with SU24

FAQ

My role is referencing a SAP business catalog that contains a deprecated or obsolete app – what do I do?

1. Copy the SAP business catalog to the customer namespace.
2. Replace the deprecated and obsolete apps using the recommended approach.  Refer to the blog post SAP Fiori for SAP S/4HANA – Upgrade Faster – How to amend Roles with Obsolete or Deprecated Apps

Can I compare my custom business role or custom business catalog to a related SAP Business Catalog or SAP Business Catalog ?

Yes! Refer to SAP Fiori for SAP S/4HANA – Upgrade Faster - More use cases for Launchpad Content Aggregator

Can I get a consolidated view of all deprecated/obsolete content across all my custom business roles?

Yes! Refer to SAP Fiori for SAP S/4HANA – Upgrade Faster - More use cases for Launchpad Content Aggregator

In the source release the deprecated or obsolete app was extended. Will the target release apply the same extensions automatically to the successor app? 

This depends on the degree of difference between the deprecated or obsolete app and it's successor. You should check the app documentation of the successor app.

As a general rule of thumb:

• Changes to the process in which the app is used are likely to be reapplied or require minimal adjustment.

For example, flexible workflow configurations, custom fields, BADIs called by the app, etc. 

For Custom Fields, Data Source Extensions, and Custom Logic you may need to Enable Usage on the successor apps and republish them.

• Changes to the app itself will need to be reapplied 

For example, user personalizations and key user Adapt UI changes - such as public app views and app variants.

The successor app is technically a new development object which may have different UI design. 

The app may expose different data, different filters, may have different features, different buttons, new navigation points to other apps and so on. These changes may reduce, simplify, or change what neeeds to be extended.

In other words, the successor app needs to be evaluated and, where still needed, extensions should be reapplied. Be aware that: 

• Often a successor app provides improved options for extensions 

These changes typically make the app easier to extend, and should be part of your evaluation of the successor app. For example, you should check for new hidden fields and features that can be easily made visible using Adapt UI.

Becoming a SAP Fiori for SAP S/4HANA guru

You’ll find much more on our  SAP Fiori for SAP S/4HANA topic page

Other helpful links:

• See all questions and answers about SAP Fiori for SAP S/4HANA 
• Follow SAP Fiori for SAP S/4HANA  for more blogs and updates 

• Ask a Question about SAP Fiori for SAP S/4HANA

Brought to you by the SAP S/4HANA RIG and Customer Care team.