Question:
Hi,
Anyone have any hot hints and tips for CRM security?
Many Thanks,
Answer:
It is basically non-existant. Mostly based on Tcode access only.
Answer:
Not good then
We're using a web client to be accessed via the portal so there are no transctions as such being entered.
Answer:
Actually there is some level of security in CRM that is not all tcode based but it isn't b ased on authorization checks. Typically you need to set up attributes against positions or organization units in the organization structure. These attributes control actions as well as geographic scope of either an organization unit. The transaction used to maintain these is PPOMA. The CRM configuration gurus know all about this. They can't get the application to work without maintaining these attributes. Yo9u need to get in their loop and see where you fit in.
Answer:
Snap - the org levels don't work (think it might be a different story if they are manaintained at the oject level (SAP Ireland beggered up my roles trying that) but I didn't want to go there...
Answer:
Listen to John. We're in a full implementation here, and the security is terrible. Be glad if you have to deal with only tcodes, and not BSPs, as they are horrendous. The tcodes at least have checks in them, BSPs mostly don't... GRRRR.
Wait until you try to secure tabs in the business partner using DELIVERED SAP BSPs (Account Management). I was told "that functionality is not available or supported"
Don't even get me started on credit management and releasing of orders.. lol
Wheeeeeeeeeeeee
_________________
"SOX.. hmm .. Aren't they the baseball teams in Boston and Chicago?"
Kind Regards,
IamEvilHomer
(Wayne)
Answer:
SAp delivers deactivated and even empty shells of functionality.
Actiavte them as required.
Enhance them as you want.
OSS them as you go "Wwhheeeeeeeeeeeeee".
We are their development and QA labs.
Tarr
Answer:
Thanks for the advice.....I think
I have since found that if there is a sound Org model in place then the Security is made a lot easier.