A: If you uncheck an authorization object + field value here, it will not be taken into account when running an audit.
B: Indication of the authorization object.
C: Indication of the authorization object's field.
D: Indication of the authorization object's field's value.
E: Clicking the 'Assigned Values'-button generates the 'Values assigned to profiles'-table at the top of this pane. This table presents an overview of the values found in all profiles which contain at least one of the authorization objects specified in the Authorization Objects pane. An immediate high-level audit statement indicates that *-values are present in the SAP download data whereas query specifications are more restrictive.
Note: Double-clicking a 'Values assigned in profiles'-entry adds the same entry in the table beneath it.
This allows you to easily expand and fine-tune your Second Level Authorization Object Field Audit.
Tip: A *-value from the assigned values area relates in SAP terms to the *-value itself and any other value, while the $-sign means lookup for *-value and the $-sign itself. So, If you would define a dummy value as '$', any user having such an authorization will be included in the audit results. Therefore, we recommend defining a different sign as a dummy value.
F: Click this button to run the query (= audit on Authorization Object Field Value level = 2nd level)
Since these queries restrict on authorization object field value level, the number of entries in the second level result Results Container is never higher than in the first level result Results Container.
Additionally, this Result screen has the same properties as the Result screen of the first level authorization object audit and therefore all audit actions thereafter apply for the second level Result screen as well (Logic, Tcode, Norm, double-click feature, Analyze Authorizations/Users, CSI AA Result Container).
G: Select the variant to run the query for.
Select the first item <NA> from the drop-down list in the Variants-dropdown-list to run the analysis without variant.
Select another variant to perform your analysis for a certain variant..
Click Analyze to perform a second level authorization object audit.
Note: By default this value will be set to <NA>, so unless you select a particular variant, the application will always run the query without taking a variant into account.
H: By clicking this button you will open the Managing Variants.
I: By clicking this button you are able to run an audit for various variants at once. For more information about a Multi Variant Run please refer to the Multiple run Second Level - topic.
CSI tools BVBA © 2012 - All Rights Reserved