B.05 - Authorization - Customer Master
This workflow verifies that only properly authorized users have the ability to create or change customer master records on the specified SAP system. The workflow calls the Users by Authorization Values workflow to obtain a list of users authorized to execute the following transactions:
| Transaction | Description |
|---|---|
| * | All transactions. |
| XD01 | Create Customer (Centrally). |
| XD02 | Create Customer (Centrally). |
| FD01 | Create Customer (Accounting). |
| FD02 | Change Customer (Accounting). |
| VD01 | Create Customer (Sales). |
| VD02 | Change Customer (Sales). |
| MASS | Mass Change. |
The Users by Authorization Values workflow also finds profiles that include the following authorization objects:
| Authorization Object | Field | Value |
|---|---|---|
| V_KNA1_VKO | ACTVT | 01 |
| V_KNA1_VKO | ACTVT | 02 |
| V_KNA1_BUK | ACTVT | 01 |
| M_MATE_BUK | ACTVT | 02 |
| V_KNA1_GRP | ACTVT | 01 |
| V_KNA1_GRP | ACTVT | 02 |
| B_MASSMAIN | ACTVT | * |
The results are stored in the Results_B05 Table dataset, which has the following columns:
| Column | Description |
|---|---|
| USERNAME | SAP user account. |
| PROFILE | A profile associated with this user account. |
| AUTH | An authorization associated with the profile. |
| OBJECT | The associated authorization object. |
| FIELD | The authorization’s ‘Field’ value. |
| VON | The authorization’s ‘From’ value. |
| BIS | The authorization’s ‘To’ value. |
| Category | Authorization category. |
| PERSNUMBER | The user's personnel number. |
| NAME_FIRST | The user's first name. |
| NAME_LAST | The user's last name. |
| USTYP | User type. |
| UFLAG | User flag. |
Creating RFC Destinations
Before you begin, you will need to create an RFC Destination for the SAP system you wish to analyze.
Preparing the Workflow
To prepare the B.05 - Authorization - Customer Master workflow, drag its workflow template from the Templates folder into your own workspace, and modify the workflow as follows:
To specify the system to analyze:
-
Select the System to Audit parameter and choose ‘Edit RFC Destination’ from its context menu to display the RFC Destination dialog.
-
Select the RFC Destination for the system to analyze, then click ‘Save’.
Save the workflow using the ‘Save’ toolbar button.
Running the Workflow
To run the B.05 - Authorization - Customer Master workflow, click the ‘Run’ toolbar button, choose ‘Run Now’ from the diagram’s context menu, or press F5. The currently running workflow action is marked with an animated display. When the workflow execution has completed, select the Results_B05 dataset and choose ‘View Details’ from the context menu to display the result table.