Q: Find out all the people who can grant authorizations within a category. (Roles application only)
Answer
Use the Roles application on your Macintosh or Windows machine. (There is no way to look up a complete list using the Web interface.) You'll need to select two sets of authorizations. The first set (1) will show you the people who can grant ANY SAP-related authorization in the Roles DB. The second set (2) will show you people who can grant SAP-related authorizations for selected functions and qualifiers in the Roles DB.
To see set (1) of authorizations, for people who can grant any SAP-related authorization, start the Roles application. Then
- Go to the Authorization List screen
- Select the selection set "Authorizations by category and function"
- In the following Value cells for criterion
- Function category =, enter meta
- Function =, enter create authorizations
- Qualifier code =, enter catsap
(For any other category XXXX, enter CAT + XXXX, e.g., CATGRAD, CATWRHS, etc.)
- Make sure no other criteria are checked.
- Click the Refresh button.
Result: You see a list of all authorizations permitting people to create ANY Roles Database authorization related to SAP.
To see set (2) of authorizations, for people who can grant limited SAP-related authorizations, start the Roles application. Then
- Go to the Authorization List screen
- Select the selection set Authorizations by category and function
- In the Value cell for criterion Function category =, enter SAP
- Scroll down to the criterion Can delegate this auth. Check the criterion. (The Value is ignored.)
- Uncheck criteria for Function = and Qualifier code = and any criteria other than those listed in steps (3) and (4).
- Click the Refresh button.
Result: You see a list of all authorizations permitting people to grant SAP-related authorizations limited to certain Functions and Qualifiers.