Parameter
auth/no_check_in_some_cases
Short text
Activation of the Profile Generator
Parameter Description
You must set this parameter to “Y” if you use the profile generator.
The profile generator uses the authorization default values, which you can maintain with transaction SU24. You also use this transaction to specify whether and which authorization checks are to be suppressed for selected transactions.
Note
If you have switched off authorization checks using transaction SU24, users can perform activities without having the corresponding authorizations. Nevertheless, it can make sense to reduce the scope of authorization checks, such as in the following cases:
1. You do not use the authorization object linked to the authorization check (for example, in FI, you use HR authorizations, although you do not actually use the SAP HR system).
2. The authorization check for object S_TCODE protects the core transaction anyway. (Note, however, that authorization check S_TCODE only provides very general protection. This in itself is not a reason to suppress an authorization check.)
3. You want to prevent permitting all values (*) for all authorization fields in the authorization object.
If you have suppressed authorization checks (you have set the parameter to “Y”), we recommend that you check the data in SU24 regularly to ensure that the entries are set to the correct values.
Application Area
Auth
Default Value
Y
Who is permitted to make changes?
Customer
Operating System Restrictions
None
Database System Restrictions
None
Are other parameters affected or dependent?
None
Values allowed
Y, N
