cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Licence audit - which settings count?

Go to solution
former_member94298
Active Contributor

‎02-08-2019 9:20 AM - edited ‎02-04-2024 12:14 AM

0 Kudos

Just thinking about how user numbers get assessed by SAP for audit purposes.

When a user leaves the business, can someone please confirm what needs to be done to ensure they are no longer counting as a licence that needs to be paid for?

From a system access perspective - locking the user seems like the obvious route - but having been bitten by this topic previously (long ago, in ECC days) I am wondering if we also need to date delimit their access (i.e. set the 'valid to' date on the business user to the leaving date).

Does anyone have the definitive answer?

Thanks!!

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Feras_Al-Basha
Product and Topic Expert
Product and Topic Expert
‎02-08-2019 9:21 AM
0 Kudos

Hello Clare,

Thank you for bringing up this topic. To begin with, yes, from a system access perspective, locking the user in S/4HANA Cloud and delimiting the dates of the user in the cloud identity manager are the first steps in the deactivation process.

The way users' license is evaluated commercially relies on the concept of Full Equivalent Use (FUE).

FUE corresponds to the number of individuals authorized to access specified solution capabilities of

SAP S/4HANA Cloud for (each a User) as follows:

1 FUE = 1 Advanced User;

1 FUE = 3 Core User;

1 FUE = 30 Self-service User

Customers may refer to their commercial subscription contract to for a breakdown on their available FUE. Customers may allocate each FUE to any one of the User types and may change the allocation during the subscription term.

How does the above reflect into the system and how to manage the FUE allocation?

The answer lies within the business catalogues assigned to roles which are assigned to users (see attachment for an example catalogue typology). As a result, using the Fiori app, 'Maintain Business Users' you could obtain a breakdown of your FUE schema by observing the 'pricing category' indicator for each user (see attachment). That said, to be on the safe side, you may remove all the roles that were associated to a user who will be deactivated, that way the FUE are not consumed in anyway.

For a more detailed breakdown please see:

https://help.sap.com/doc/2afc434378cd44de8e10a5451c08786e/1/en-US/S4HC_STE_ServiceDesc.pdf

Hope this information was helpful,

Thank you,

Feras

Show replies
Show replies
Feras_Al-Basha
Product and Topic Expert
Product and Topic Expert
‎02-08-2019 9:22 AM
0 Kudos

Hi Clare,

Personally I am not too sure on this point.

But what I can say is that the date limitation (valid to last year) we see in the 'maintain business users' app may not be alone sufficient. It is important to have the corresponding changes updated in the Cloud Identity Manager from which user access reports are generated. Technically, this should do the job. However, to be on the safe side I recommend having the role assignments removed from the user to ensure that we are not consuming FUE units.

Thanks

former_member94298
Active Contributor
‎02-08-2019 9:22 AM
0 Kudos

Feras,

Thanks for the clear and detailed reply!

So to double check - if I have a business user with a 'valid to' date of the end of last year, but they still have roles assigned, then that would still count towards the FUE allowance, even though they were not using the system - or would this be sufficient?

Answers (0)

Ask a Question