Channel: SCN : All Content - Security

How would you like to help shape our security documentation?


You may have seen the wiki that I help manage, Home of TCP-IP Ports. I want to take the TCP/IP port documentation in a new direction and I am looking for you to give me feedback. Interested? Either send me a message through SCN or reply to this blog and we'll work out the details.



Diff. b/n standard, maintained, manually, changed


Hi all,

 

In the Authorizations tab, what is the difference between Standard, Maintained, Manually and Changed?

 

Thanks in advance.

Regards,

Raja

OOSB - SAP* - ALL


Hello,

 

In Structural Authorization, if there is an entry for user SAP* in OOSB, then all users inherit access to that authorization profile.

 

Suppose we have 2 custom Authorization profiles - Z_HR and Z_USER. These are governed by their custom Function Modules.

 

Scenario:

 

So, if we enter SAP* - ALL, in OOSB, then all users will get full access to the entire Org Structure.

 

Then we use context based Security : P_ORGINCON and assign Z_HR to all HR personnel Roles.

 

So, even though the HR personnel will inherit ALL from OOSB, the restriction in P_ORGINCON will restrict them to Z_HR. Is that correct?

(This would eliminate the need to maintain Z_HR in OOSB for each HR personnel)

 

And all other users who do not have P_ORGINCON in their user master will not get any structural profile access, so in spite of getting ALL in OOSB (via SAP*), they will not have the structural access.

 

Will this scenario work?

 

Or do we need to add each HR user's User ID in OOSB with Z_HR?

 

Thanks in advance.

mass maintainence of roles


Hi!

 

Due to the implementation of the new G/L we have to adjust lots of authorization roles ....

We have changes related to a high number of roles quite often.

We are already using derived roles.... this is only helpful if you want to add new transactions; it does not help for new authorization objects. Isn't it?

Any ideas on how to make a mass change?

Table MASSFUNC maybe, or is there already an existing method?

 

thanks in advance.

Problem customizing usergroups in BI 4.1 SP4


BI BusinessObjects 4.1 SP4

 

I have several folders containing reports that I don't want users to edit the query of or change at all. However, I don't want to change my custom access levels because that would affect all users. And I don't want to apply custom folder security because it doesn't go far enough - I need to be able to block off the Available Objects pane from users who have access to that folder - you can't do that through rights management.

 

Because access to those folders is controlled by one user group, what I have done is apply "Customization" to that specific group to remove the Data Provider buttons and the Available Objects pane; members of this group can now no longer see the Edit button or the Available Objects pane when using reports in that folder.

 

PROBLEM

 

This works well if a user is only in that one group. But if a user is in multiple groups – one of which is that customised group – then the customisation seems to apply to whatever they have access to, thereby restricting their edit abilities in unrelated folders and reports.

 

How should I change the user security of this group to ensure its customisations are not being picked up by other groups that a user is a member of?

 

Thanks,

 

Andrew

Need to alert security team every time when a new authorization object is created


Hi,

 

There is a requirement that when a new authorization object is created in SU21, an alert or mail is sent to the security team every time. Is there any BAdI or exit available to write the code? Or is there any standard workflow task that could cover this requirement?

 

Thanks and Regards

Sudarshan Gaikwad

Attack Detection Patterns of SAP Enterprise Threat Detection


Attack detection patterns are what powers the ability of SAP Enterprise Threat Detection to alert you to suspicious activity in your network. The patterns were created by our experts to uncover a variety of anomalous events. You have asked what patterns we deliver with our product. Here is an overview of the kinds of patterns you get with SAP Enterprise Threat Detection 1.0 SP01. Don't worry, there is more to come in our future releases.


Category: Description

ABAP and HANA Authorization: These patterns look for escalation of privileges. An escalation of privileges is when you can exploit a weakness to gain access to resources you should not have access to. These patterns also watch for the assignment of critical roles or profiles.

ABAP Blacklists and Whitelists: A number of patterns function on blacklists and whitelists. We deliver blacklists for function modules, reports, transactions, and URL paths that are not expected to be used in productive systems. Customers can enhance these blacklists according to their needs. The same applies to several patterns that come with whitelists; these create an alert when a user is active, or a function module is called, that is not part of the whitelist.

ABAP Calls to Productive Systems: Your productive system runs your business. We have patterns that watch for calls from non-productive systems to productive systems. The patterns, like those in other categories, have configurations to eliminate false positives.

ABAP and HANA Configuration: The patterns for ABAP and HANA configuration make sure that no one is trying to disable security in the system by making configuration changes to the system. Such changes include deactivating logs or other security functions.

ABAP Debugging: These patterns attempt to find developers behaving badly, for example, debugging in a productive system. The patterns can find an infiltrator exploring code in an ABAP system.

ABAP Denial of Service: There are a number of indicators we can watch to identify if someone is trying to block access to the ABAP server.

ABAP Downloads: If a user downloads data too often or in too large a volume from an ABAP server, patterns raise alerts in SAP Enterprise Threat Detection.

ABAP Internet Communication Framework: SAP Enterprise Threat Detection also uses patterns to monitor access to the Internet Communication Framework (ICF).

ABAP and HANA Logon: Too many failed logon attempts might indicate someone trying to brute force their way into the system. Attempts to log on with users who should be locked, expired, or deleted are also suspicious. We also look for replay attacks or other attempted manipulation of our security session technology.

ABAP Password: Manipulation of passwords for critical users, or by users not normally in an administrative role, can warn of an intruder in your system.

HANA SQL Functions: We include patterns to detect suspicious calls to SQL functions on the SAP HANA platform.

ABAP User Morphing: We also look for changes to users that indicate manipulation of the user, such as a change of the user type.
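To make the "ABAP and HANA Logon" category concrete, here is an added example that is not SAP Enterprise Threat Detection code: two small detections of the kind that category describes, run over constructed logon records. The record layout (timestamp, user, client, terminal, result, user-master status), the threshold of five failures in ten minutes, and the terminal exemption list are assumptions of this example, not the product's log format or pattern configuration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample logon records (this example's own layout, not an SAP log
# format): timestamp, user, client, terminal, result, user-master status.
# They contain a normal mistyped password, one terminal cycling through the
# standard accounts, and logons against users that should not be usable.
SAMPLE_EVENTS = [
    ("2015-05-07T08:00:05", "JSMITH", "100", "WS-0042", "FAILED", "ACTIVE"),
    ("2015-05-07T08:00:30", "JSMITH", "100", "WS-0042", "FAILED", "ACTIVE"),
    ("2015-05-07T08:01:00", "JSMITH", "100", "WS-0042", "OK", "ACTIVE"),
    ("2015-05-07T08:10:00", "ADMIN", "100", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T08:10:10", "DDIC", "100", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T08:10:20", "SAP*", "100", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T08:10:30", "TMSADM", "000", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T08:10:40", "SAPCPIC", "000", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T08:11:00", "EARLYWATCH", "066", "WS-0113", "FAILED", "ACTIVE"),
    ("2015-05-07T09:30:00", "MMUELLER", "100", "WS-0077", "OK", "LOCKED"),
    ("2015-05-07T09:45:00", "CONSULT01", "100", "WS-0099", "FAILED", "EXPIRED"),
]
FIELDS = ("ts", "user", "client", "terminal", "result", "status")


def parse_events(rows):
    """Turn raw tuples into dicts with real datetimes, oldest first."""
    events = [dict(zip(FIELDS, row)) for row in rows]
    for e in events:
        e["ts"] = datetime.fromisoformat(e["ts"])
    return sorted(events, key=lambda e: e["ts"])


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=10),
                      exempt_terminals=frozenset()):
    """Raise one alert per burst of at least `threshold` failed logons coming
    from the same terminal inside a sliding time window. `exempt_terminals`
    plays the role of the false-positive configuration the blog mentions
    (for example a monitoring host that is known to fail logons)."""
    alerts = []
    recent = defaultdict(deque)  # terminal -> (timestamp, user) of recent failures
    for e in events:
        if e["result"] != "FAILED" or e["terminal"] in exempt_terminals:
            continue
        q = recent[e["terminal"]]
        q.append((e["ts"], e["user"]))
        while q and e["ts"] - q[0][0] > window:  # age out old failures
            q.popleft()
        if len(q) >= threshold:
            alerts.append({
                "pattern": "LOGON_BRUTE_FORCE",
                "terminal": e["terminal"],
                "at": e["ts"],
                "users": sorted({user for _, user in q}),
            })
            q.clear()  # one alert per burst, not one per extra failure
    return alerts


def detect_inactive_user_logon(events):
    """Any logon attempt, successful or not, against a user whose master
    record says it should not be usable (locked, expired, deleted)."""
    return [
        {"pattern": "INACTIVE_USER_LOGON", "user": e["user"],
         "status": e["status"], "at": e["ts"]}
        for e in events if e["status"] != "ACTIVE"
    ]


def run_detection(rows=SAMPLE_EVENTS):
    """Run both detections over one batch of records and return the alerts."""
    events = parse_events(rows)
    return detect_bruteforce(events) + detect_inactive_user_logon(events)


if __name__ == "__main__":
    for alert in run_detection():
        print(alert)
```

The brute-force detector keys on the terminal rather than the user, because a password-spraying burst touches many accounts once each and a per-user counter would never reach the threshold; the alert lists the users that were tried so an analyst can see the spread. The inactive-user check deliberately fires on successful logons too, since a working logon against a locked account is exactly the session manipulation the category warns about.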

 

 

Want to know more?

Able to execute another Tcode without terminating the first session of the Tcode... Means without /n or /o able to execute another tcode


Able to execute another Tcode without terminating the first session of the Tcode... meaning without /n or /o I am able to execute another tcode.

 

Example:

 

1) Log on

2) executed /nSU01

3) executed PFCG

 

Now I am able to see the Profile Generator. How is this happening and how do I resolve it?


Importing AD sub-group and users


Hi all,

 

I have a scenario where we have an AD group XYZ which has one other AD sub-group, PQR.

The question is: if we add the parent AD group XYZ in the BusinessObjects CMC, will it import the sub-group PQR and its users as well, or will it just import the users who are members of the parent group XYZ?

 

The BO environment is BI 4.1 SP4.

 

Please let me know if any one has answer to this.

 

Thanks,

Shwetabh

Featured Content in Security



Attack Detection Patterns of SAP Enterprise Threat Detection

Attack detection patterns are what powers the ability of SAP Enterprise Threat Detection to alert you to suspicious activity in your network. Read Michael Shea’s blog for an overview of the kind of patterns we deliver with our product. May 7, 2015

 


Data Security Breaches: The Ugly Truths Exposed

Security breaches reached a record high in the U.S. last year, with over 30 percent of these breaches affecting the business sector. Check out Tim Clark’s blog for the details and listen to the recent SAP Radio broadcast, “Data Security in the Age of Credit Card Breaches”. April 16, 2015

 

Join the SAP Enterprise Threat Detection Customer Engagement Initiative

Join our Customer Engagement Initiative for SAP Enterprise Threat Detection that helps you to detect cyberattacks against SAP systems and non-SAP systems in real-time. You will be able to influence product development and get early insight into upcoming innovations. Find out more and contact Carmen Graf to register. April 16, 2015

 


Secure Server Communication in SAP NetWeaver AS ABAP

With SAP NetWeaver Application Server ABAP 7.40 SP8 it is possible to activate an encrypted and authenticated communication between the SAP NetWeaver AS ABAP server components. In his latest blog, Matthias Buehl describes this new security measure and its configuration in more detail. April 13, 2015

 

Join the SAP Cloud Identity Service Customer Engagement Initiative

Join our Customer Engagement Initiative (CEI) 2015 for SAP Cloud Identity service and influence our product development in collaboration with your peers! For more details go to the CEI “Enhance Functionality for SAP Cloud Identity Service” and contact Donka Dimitrova to register. March 13, 2015

SAP Enterprise Threat Detection


Overview

The interconnected nature of modern business systems means that successful companies with critical business on SAP software must effectively manage exposure to external and internal threats. SAP Enterprise Threat Detection helps you identify the real attacks as they are happening and analyze the threats quickly enough to neutralize them before serious damage occurs.

 

SAP Enterprise Threat Detection leverages SAP HANA to efficiently monitor SAP software-centric landscapes. It allows you to perform real-time analysis and correlation of the vast quantity of log data that SAP and non-SAP systems generate.

 

 

 

 

 

Getting Started

 


Join Our Customer Engagement Initiative!

SAP Customer Engagement Initiative (CEI) is a structured approach for close end-to-end collaboration between customers/partners and the SAP team during the full development cycle for planned product improvements. This initiative helps SAP create products and solutions that meet customers' needs, reflect best business practices and realize process and technology innovations.

 

Join our Customer Engagement Initiative for SAP Enterprise Threat Detection and influence product development and get early insight into upcoming innovations. Find out more. For registration contact Carmen Graf.

 


SAP Runs SAP

Learn more from SAP’s Global IT team members sharing their knowledge and experiences about how SAP Runs SAP. The following blog series gives you some insights about how SAP runs the new solution SAP Enterprise Threat Detection to protect our business systems:

 

How SAP runs SAP Enterprise Threat Detection

ETD: From Alert To Investigation

Detect and React with SAP Enterprise Threat Detection

 

Stay tuned for more!

SAP vulnerabilities highlighted in many reports such as HP Cyber Risk Report 2015


Recently, HP published its yearly Cyber Risk Report 2015. Alongside the typical topics spotlighted in this report, such as the growing number of ATM and IoT security events, we found some parts relevant to business application security, which we are honored to share with our readers, customers and partners.

According to the report, the HP Zero Day Initiative (ZDI) was busy coordinating the disclosure and remediation of over 400 high-severity vulnerabilities in 2014, 24 of which were related to SAP products. The vendors with the most disclosures are: 1. Microsoft; 2. Hewlett-Packard; 3. Advantech; 4. SAP; 5. Apple.

ZDI has always published vulnerabilities in SAP, but this is the first year the number of SAP vulnerabilities has been so large.

According to the ZDI report:

"In 2013 there were a number of SCADA vulnerabilities, but 2014 marks the first year where a SCADA vendor is among the top vendors with vulnerabilities disclosed against its products. Advantech focuses on automation controllers, industrial control products, and single board computers. SAP is on the list due to an audit ZDI analysts conducted against one of its products, which yielded a large number of findings."

The main point is that we are speaking not only about the number of vulnerabilities, which is quite large, but also about their criticality. The average CVSS score of the identified SAP vulnerabilities is 7.7 and the maximum is 9.5.

Affected SAP Products include:

 

  • SAP SQL Anywhere (4 vulnerabilities with average CVSS 9)
  • SAP Sybase ESP (18 vulnerabilities with average CVSS 7.5)
  • SAP Crystal Reports (2 vulnerabilities with average CVSS 6.8)

  

Detailed information about the identified vulnerabilities is in the table below:

Product | Vulnerability | CVSS | Date
SAP SQL Anywhere | SAP SQL Anywhere .NET Data Provider Malformed Integer Stack Buffer Overflow Code Execution Vulnerability | 9.5 | 12.09.2014
SAP SQL Anywhere | SAP SQL Anywhere .NET Data Provider REPLICATE Function Heap Overflow Code Execution Vulnerability | 8.5 | 12.09.2014
SAP SQL Anywhere | SAP SQL Anywhere .NET Data Provider SPACE Function Heap Overflow Code Execution Vulnerability | 8.5 | 12.09.2014
SAP SQL Anywhere | SAP SQL Anywhere .NET Data Provider Column Alias Stack Buffer Overflow Code Execution Vulnerability | 9.5 | 12.09.2014
SAP Crystal Reports | SAP Crystal Reports Connection String Processing Double Free Remote Code Execution Vulnerability | 6.8 | 09.03.2014
SAP Crystal Reports | SAP Crystal Reports Datasource Stack Buffer Overflow Remote Code Execution Vulnerability | 6.8 | 09.03.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse ConnectionType.getConnection Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse ConnectionType.isInput Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getSampleRow Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getFieldTypes Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getFieldNames Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.setParams Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.destroy Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.dispose Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getTableNames Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.setScanDepth Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.canDiscover Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getError Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.reset Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getErrors Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse ConnectionType.getName Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse ConnectionType.getParamNames Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse ConnectionType.getXmlDescription Remote Code Execution Vulnerability | 7.5 | 05.22.2014
SAP Sybase ESP | (0Day) SAP Sybase ESP esp_parse Connection.getType Remote Code Execution Vulnerability | 7.5 | 05.22.2014

Last year brought not only the many vulnerabilities disclosed by ZDI; other independent resources also recorded growth in the number of vulnerabilities in SAP applications.

Another resource published information about the total number of vulnerabilities in different vendors' products, where for the first time in its history SAP took 10th place by number of vulnerabilities in commercial products, with 178 vulnerabilities in total (as of October 2014).

By the latest statistics, SAP takes 27th place among all vendors (including open source) in the CVE database, with 236 vulnerabilities in total. The number of SAP vulnerabilities published in CVE in 2014 is 81, four times more than in the previous year and the highest of any year if you look at the figures.

By following the link you can find more details.

But in reality the number of vulnerabilities closed in SAP products is even higher than is listed in any of those resources.

As you may know, CVEs are assigned to vulnerabilities by the vendor or by a third-party organization; this process takes time, and not every organization does it consistently. According to information from the SAP Support Portal, in 2014 alone 388 so-called SAP Security Notes were released, 7% more than in 2013 (when there were 364). SAP Security Notes are small patches that usually close one or more vulnerabilities in SAP applications found by third-party companies and SAP's internal security team. So yes, one or more! It means that the actual number of vulnerabilities is even higher than the number of SAP Security Notes, and of course higher than the number of vulnerabilities that can be found in CVE, ZDI and other public resources.

However, it is not only about vulnerabilities in SAP products themselves. If developers as experienced as SAP's can still leave mistakes in their code, imagine what happens with programs developed by organizations that use and customize SAP systems or, more importantly, outsource development to other companies. And, as you know, security has never been the strongest part of outsourcing, since high competition between outsourcing companies drives them to minimize time and resources, which usually leaves its imprint on security.

We try to help our customers meet their security requirements and, as part of this process, usually publish detailed guidelines on how to secure their systems from different issues.

The latest guideline we published, "Securing SAP Systems from XSS vulnerabilities", relates to the most common vulnerability found in SAP Security Notes: XSS, or Cross-Site Scripting. There you will find our new ultimate SAP security guide for improving SAP NetWeaver ABAP, SAP NetWeaver J2EE and SAP HANA security.

To find this guide and other guides, please follow the link.

Opening Cat & Ecatt in Production for Winshuttle


Hi Gurus,

We have recently upgraded our ECC system to EHP 5. Currently we are facing an issue with one of our third-party tools, "Winshuttle" [non-batch scripts; we use them to park/post docs], running its scripts, as it requires the following authorization:

S_DEVELOP DEVCLASS= ;OBJTYPE=SCAT;OBJNAME=*,P_GROUP= ;ACTVT=16

S_DEVELOP DEVCLASS= ;OBJTYPE=ECSC;OBJNAME=*,P_GROUP= ;ACTVT=16

and also the client should be open: "CAT & ECATT ALLOWED"

(OR)

Implement one of their Transaction Function Modules and upgrade the version of their software.

The TFM has not been certified by SAP yet, and I am kind of nervous to have the client open for CAT & eCATT. I can add the develop access with OBJTYPE ECSC & SCAT to the Winshuttle RFC role so that I can minimize the users who have this authorization. I can further restrict the type of file that can be run by OBJNAME.

I would like to know: would I be opening Pandora's box if we have CAT & ECATT ALLOWED in prod systems?

Any thoughts or suggestions are much appreciated.

ESS + Backend access Issue


Hi Experts,

 

Recently I have come across a design issue for the HR roles in our system.

Our HCM system has ESS/MSS as well as other backend roles such as payroll, time admin etc.

The ESS/MSS role is categorized based on country, as such the P_ORGIN object will have full country value for PERSA etc.

The backend role such as PAYROLL ADMIN will have restrictions based on PERSA.

When we combine both, the ESS/MSS access overrides PERSA restrictions in PAYROLL Admin role & gives additional access to full country.

Is there a way to mitigate this & restrict the access without changing the ESS/MSS authorizations?

 

Please share your thoughts.

 

Nivin

Authorization to end user for just specific queries in SAP BW.


Dear Experts,

 

I am facing an issue with authorizations, but let me explain what I actually need to do.

I have two InfoCubes, i.e. Finance and Purchasing.

I want to give some users authorization for just three Finance queries, and other users for just two Purchasing queries.

E.g.

User A = Purchasing: 0PUR_C01_Q015 and 0PUR_C01_Q0016

User B = Finance: 0FIA_C01_Q0012, 0FIA_C01_Q0013 and 0FIA_C01_Q0014

Please let me know what authorizations are needed for this activity.

Any document will be much appreciated.

I tried to give authorization using PFCG, but still, with those specific users I am able to see all the queries in the Finance and Purchasing cubes, which I don't want; I just want those specific queries.

 

Please help me.

 

Regards

 

Faheem.


does $BDCGROUPID provide access to all sessions or only the sessions created by the user


Hi All,

 

If a user has been given access to the value $BDCGROUPID in field BDCGROUPID of S_BDC_MONI (SM35), will the user have access to all sessions or only the sessions created by the user?

 

Regards

Plaban

How to Configure Single Sign-On (SSO) for SAP Cloud for Customer Using SAP Cloud Identity Service

SAP NetWeaver ABAP security configuration part 3: Default passwords for access to the application


For the two previous weeks we’ve been discussing the top 9 critical areas [1] and the 33 steps to be taken for a security assessment [2]. Last time we covered patch management flaws, the first critical category on our list. As you have probably guessed, today it’s time we take a closer look at the next item on our list of critical issues: default passwords.

It is a wide-reaching vulnerability with multiple attack vectors. Because it requires little skill, exploitation of default passwords is now among the most frequently used ways of getting access to a company’s data. Once installed, an SAP system has several standard clients: 000, 001 and 066. They all have high privileges set by default (usually they have the SAP_ALL profile). When new clients are created, the SAP system automatically generates default usernames and passwords.

In version 6.10 of SAP Web Application Server, the so-called Master Passwords [3] were first put into practice.
Users should be particularly careful, since the vendor's default accounts and their passwords are well known. Have a look at the following table, where we’ve gathered the default passwords for you:

 

USER | PASSWORD | CLIENT
SAP* | 06071992, PASS | 001, 066, Custom
DDIC | 19920706 | 000, 001, Custom
TMSADM | PASSWORD, $1Pawd2& | 000
SAPCPIC | ADMIN | 000, 001
EARLYWATCH | SUPPORT | 066


Further steps

Some additional SAP components also have their own unique default passwords. For example, old versions of services such as SAP SDM and SAP ITS have their own pre-installed default passwords.


After you have finished checking for default passwords, you should check user passwords for simple dictionary passwords. We suggest that you use efficient password bruteforcing utilities; in particular, a utility such as John the Ripper would fit well. Alternatively, you can use ERPScan Security Monitoring Suite.


Besides, default passwords should be checked in all associated systems. Don’t forget to check your network equipment, operating systems and the DBMS that stores SAP system data. Oracle DBMS, for instance, contains a lot of default passwords, including those specific to SAP systems.


[EASAI-NA-03] Default password check for a SAP user


Description

The SAP* user is created in all clients immediately after installation. It is a dialog user that works via SAP GUI (user type = dialog). It performs all administrative tasks (and usually has the SAP_ALL profile). If the SAP* user has been removed, after the system is restarted one can log on using the standard PASS password and get all the corresponding SAP_ALL privileges.


Threat

The default passwords of the SAP* user are well-known (see the table above). With these passwords, an adversary may enter the system with the SAP_ALL profile and, consequently, get unlimited access to any business data stored in the system.


Solution

  • First, give superuser rights to the SAP* user in all clients (do not remove it!). To do that, select the SAP* user in transaction SU01, then click the Lock/Unlock icon (Ctrl+F5);
  • Set login/no_automatic_user_sapstar to 1 (transactions RZ10 and RZ11). Note that in versions 3.1G and lower, the login/noautomatic_user_sap* parameter is used (for further information, see SAP Security Note 68048 [4]);
  • Change the SAP* default password (using transaction SU01);
  • Make sure that the user now belongs to the SUPER group in all clients. Go to transaction SU01, select the SAP* user, click the Change icon (Shift+F6), then the Logon Data tab.

 

[EASAI-NA-04] Default password check for the DDIC user


Description

The DDIC user is created in clients 000 and 001 upon installation (and client copy). This default system user's purpose is to perform system installation, update, configuration and operation. It is also used for implementing support packages and upgrades, and for the background jobs of the transport tool.
In client 000 this user is of dialog type: it has the right to log on via SAP GUI and perform any action.
In all other clients it is a system-type user; it may perform background processing and interact with the system. The SAP_ALL and SAP_NEW profiles, which grant access to all functions of the SAP system, are assigned to this user.


Threat

The DDIC user's default password is well-known (see the table above). With this password, an adversary can enter the system with the SAP_ALL profile and, consequently, get unlimited access to any business data stored in the system.


Solution


WARNING! Do not remove the DDIC user or its profile! The DDIC user is necessary for performing certain tasks, such as installation or updating. It can also interact with the ABAP Dictionary. Removing the DDIC user results in a loss of functionality in these areas. But it is acceptable (and highly recommended by some resources) to remove it in all clients except 000.

  • In client 000, change the user type to SYSTEM;
  • Remove the SAP_ALL profile;
  • Lock the DDIC user. Unlock it only when needed. Note that the transport system executes certain programs on behalf of the DDIC user;
  • Change the default password for the DDIC user;
  • Make sure that the DDIC user belongs to the SUPER group in all clients. Only authorized administrators have the right to modify this account;
  • Perform regular checks of your clients to eliminate the risk of illicit access.

 

[EASAI-NA-05] Default password check for the SAPCPIC user


Description

The SAPCPIC user is used in the transport system of SAP solutions (in versions 4.5A and lower). It is a communication-type user, mostly used for EDI (Electronic Data Interchange). It may also transport RFC calls without dialog boxes.
So this user does not have dialog-type privileges, though it has the S_A.CPIC profile. As a result, the following authorization objects are critical:

  • S_CPIC (to call CPIC functions from ABAP/4 programs),
  • S_DATASET (with privileges to access files from ABAP/4 programs), and
  • S_RFC (authorization check for RFC access to program modules, for example to a function group).

 

Threat

The default password of the SAPCPIC user is well-known (see the table above). With this password, an adversary can remotely execute RFC requests (e.g. start some OS programs), execute arbitrary OS commands through RFC vulnerabilities (e.g. TH_GREP), and create dialog users with any privileges to enter the system and get unlimited access to the data.


Solution

Remove the SAPCPIC user if you do not need it. If the user is still necessary:

  • Change the default password for the SAPCPIC user;
  • Lock the SAPCPIC user. Unlock it only when necessary;
  • If this user is required for EDI purposes (e.g. by a contractor), never transmit this password via a remote session. It is also preferable to use a separate communication channel, e.g. e-mail. Change the password immediately after the remote session is over;
  • Make sure that this user belongs to the SUPER group in all clients, so as to be certain that only authorized administrators have the right to change this user’s account;
  • Define a dedicated user for remote access. Do not use any default users;
  • Perform regular checks of your clients to eliminate the risk of illicit access.

 

[EASAI-NA-06] Default password check for TMSADM user


Description

The TMSADM user is used for transfers through the transport system. It is created automatically upon configuration and changes of the Transport Management System (TMS) via client 000.
It is a communication user; in other words, it is often (wrongly) used to transport external RFC calls without dialog boxes. It has the S_A.TMSADM authorization profile assigned, which enables it to use RFC functions with GUI and to write to the file system. The SAP_ALL profile is also often assigned to this user.


Threat

The default password of the TMSADM user is well-known. An adversary may remotely start RFC requests to perform critical actions such as deleting and reading files (EPS_DELETE_FILE, EPS_OPEN_FILE2) or executing arbitrary ABAP code (through vulnerabilities in the RFC_ABAP_INSTALL_AND_RUN or TTMS_CI_START_SERVICE functions), and, using the BAPI_USER_CREATE1 and SUSR_RFC_USER_INTERFACE requests, create a dialog user and, consequently, enter the system and get unlimited access to business data.


Solution

  • Change the default password of the TMSADM user; to change this password (according to Note 1414256 [5]) you should:
    • Log on to client 000 as any user with administrative rights.
    • Start the TMS_UPDATE_PWD_OF_TMSADM program with the ABAP editor (transaction SE38). There are three ways to change the TMSADM password:
      • enter your own password,
      • set a new standard password (Note 761637, $1Pawd2&), or
      • set the old standard password (PASSWORD);
    • Select the option "To enter your own password” in the dialog box and enter the new password;
    • Start the program.
  • Make sure that this user belongs to the SUPER group in all clients. This way you will be certain that only authorized administrators have the right to change this user’s account;
  • Define a dedicated user for remote access. Do not use any of the default users;
  • Perform regular checks of your clients to eliminate the risk of illicit access.

Additionally, it is advisable to apply the security notes for vulnerabilities in the programs the TMSADM user can execute, such as:

  • SAP Security Note 1298160 for vulnerabilities in TTMS_CI_START_SERVICE;
  • SAP Security Note 1330776 for vulnerabilities in EPS_DELETE_FILE and EPS_OPEN_FILE2.

 

[EASAI-NA-07] Default password check for the EARLYWATCH user


Description

The EarlyWatch user is created in client 066 upon SAP installation and is of dialog type. It can log on via SAP GUI and perform any action in the system. It can be used for SAP remote management and to access monitoring data. As a rule, it is used by SAP AG customer support to log on to customers' systems. Change the default password for the EarlyWatch user, but never delete the user.


Threats

The EarlyWatch user’s default password is well-known (see the table above). With this password, an adversary can enter the system with the S_TOOLS_EX_A profile and, consequently, perform various critical actions (for example, access any files, view sensitive tables or display external statistics records via the control tools). In old versions (6.4 and lower), users could execute critical transactions such as SE37 (function module execution) and SE38 (running reports). In newer versions it has fewer privileges, but it can exploit some vulnerabilities, such as the TH_GREP call via transaction SM51, and consequently execute arbitrary OS commands.


Solution


Warning! Do not remove the EarlyWatch user or its profile!

  • Lock the EARLYWATCH user. Unlock it only when necessary;
  • Change the default password for the EARLYWATCH user;
  • Ensure that this user belongs to the SUPER group in all clients, so as to be certain that only authorized administrators have the right to change this user’s account;
  • Perform regular checks of your clients to eliminate the risk of illicit access to the system.
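The solution steps for EASAI-NA-03 to EASAI-NA-07 above are checks an auditor repeats on every client, so here is an added example (not from the article and not ERPScan's tooling) that applies them as rules to constructed user master data. The record layout (user, client, type, lock flag, group, profiles) is this example's own simplified model of an exported user list; the `pwd_changed` flag is a hypothetical stand-in for comparing the password change date with the installation date, and only the profile parameter login/no_automatic_user_sapstar and the account names come from the article.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class UserRecord:
    user: str
    client: str
    utype: str          # DIALOG, SYSTEM or COMMUNICATION
    locked: bool
    group: str
    profiles: frozenset
    pwd_changed: bool   # hypothetical flag: password changed since installation


# Constructed sample: a system with clients 000, 001, 066 and 100 that has been
# only partly hardened. SAP* is missing from client 066 altogether.
SAMPLE_USERS = [
    UserRecord("SAP*", "000", "DIALOG", True, "SUPER", frozenset({"SAP_ALL"}), True),
    UserRecord("SAP*", "001", "DIALOG", False, "", frozenset({"SAP_ALL"}), False),
    UserRecord("SAP*", "100", "DIALOG", True, "SUPER", frozenset({"SAP_ALL"}), True),
    UserRecord("DDIC", "000", "DIALOG", False, "SUPER", frozenset({"SAP_ALL", "SAP_NEW"}), True),
    UserRecord("DDIC", "001", "SYSTEM", True, "SUPER", frozenset(), True),
    UserRecord("SAPCPIC", "000", "COMMUNICATION", False, "", frozenset({"S_A.CPIC"}), False),
    UserRecord("TMSADM", "000", "COMMUNICATION", False, "SUPER", frozenset({"S_A.TMSADM"}), False),
    UserRecord("EARLYWATCH", "066", "DIALOG", True, "SUPER", frozenset({"S_TOOLS_EX_A"}), True),
]
# Constructed profile parameter export (only this one parameter is modelled).
SAMPLE_PARAMS = {"login/no_automatic_user_sapstar": "0"}

# Check id per standard account, as numbered in the article.
CHECK_IDS = {"SAP*": "EASAI-NA-03", "DDIC": "EASAI-NA-04", "SAPCPIC": "EASAI-NA-05",
             "TMSADM": "EASAI-NA-06", "EARLYWATCH": "EASAI-NA-07"}
# Accounts the article says should stay locked except when actually needed.
LOCK_EXPECTED = {"SAP*", "DDIC", "SAPCPIC", "EARLYWATCH"}


def audit_default_users(users, params):
    """Return (check, client, user, message) tuples for every deviation from
    the hardening steps; an empty list means the sample passes all of them."""
    findings = []

    def add(check, client, user, msg):
        findings.append((check, client, user, msg))

    clients = sorted({u.client for u in users})
    present = {(u.user, u.client) for u in users}

    # EASAI-NA-03: SAP* must exist in every client (a deleted SAP* re-enables
    # the hard-coded PASS logon) and the profile parameter must be set to 1.
    for c in clients:
        if ("SAP*", c) not in present:
            add("EASAI-NA-03", c, "SAP*", "SAP* user does not exist in this client")
    if params.get("login/no_automatic_user_sapstar") != "1":
        add("EASAI-NA-03", "*", "SAP*", "login/no_automatic_user_sapstar is not set to 1")

    # Per-account checks shared by EASAI-NA-03 to EASAI-NA-07.
    for u in users:
        check = CHECK_IDS.get(u.user)
        if check is None:
            continue  # not one of the standard accounts covered here
        if not u.pwd_changed:
            add(check, u.client, u.user, "default password still in place")
        if u.group != "SUPER":
            add(check, u.client, u.user, "not in user group SUPER")
        if u.user in LOCK_EXPECTED and not u.locked:
            add(check, u.client, u.user, "user is not locked")
        # EASAI-NA-04 specifics: SYSTEM type in client 000, no SAP_ALL.
        if u.user == "DDIC":
            if u.client == "000" and u.utype != "SYSTEM":
                add(check, u.client, u.user, "user type in client 000 should be SYSTEM")
            if "SAP_ALL" in u.profiles:
                add(check, u.client, u.user, "SAP_ALL profile still assigned")
    return findings


if __name__ == "__main__":
    for finding in audit_default_users(SAMPLE_USERS, SAMPLE_PARAMS):
        print("%s client %s user %s: %s" % finding)
```

Running it against the sample reports the missing SAP* in client 066 and the unset profile parameter first, then the per-account deviations (an unlocked SAP* with the default password outside the SUPER group in client 001, a dialog-type DDIC with SAP_ALL in client 000, an unlocked SAPCPIC, and a TMSADM whose password was never changed), while the fully hardened records in clients 000 and 100 and the EARLYWATCH user in 066 produce nothing. The article's remaining steps, such as keeping a dedicated user for remote access, are organisational and are not modelled.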

 

By now you should have noticed the ease and clarity with which we have tried to explain some technical subjects to you. You may also have noticed, and wondered, how we managed to make the list of critical issues that brief. You may even have marveled at how we sometimes point out what it all means, what it’s good for, and why you should care. It’s completely up to you, but if you like our articles we strongly recommend that you stay with us, as in two weeks we’ll come back with the description of the next critical issue.

Change Logs for Download and Upload of Roles in PFCG


Hello Security Team,

 

 

One of our users has downloaded roles from PFCG and we need to find out who did that.

 

Are there any change logs or report Where I can see who has downloaded and uploaded roles in PFCG?

 

 

Regards,

Deepak M

API for Listing Actions of Roles


Hi,


I found APIs to get the role factory, group factory and user factory, but could not find anything specific to actions.


How can we list the actions for Roles and how can we add new actions to a Role?


Thanks

Dixit


