PFCG - Mass User Comparison deleted roles assigned to all positions
Hi All, Yesterday we encountered a strange issue which I would like to know if anyone has faced before or have more details. We changed the role validity for a user in PROD and ran the 'Mass User...
View ArticlePortal Roles - Adding iView into the role
Hi, We have a BW system (ABAP) and a portal (only JAVA) system. BW system is connected to the portal system as a backend system.Now we have some BW queries that needs to be published on portal. We have...
View ArticleST03N Issue
Hi ! We wish to see T-code usage...i.e. who used say SM30... ST03N gives a list of users; however, half of them don't even have access to SM30 (either via the Role Menu or via S_TCODE) ! Is there any...
View ArticleTcode descriptions (new to SAP)
New to SAP. Went from a IT budget analyst to system analyst. Been querying tables and stuff. Working on a better way to manager our roles (single roles/tcodes/composite roles, etc) When working...
View ArticleSNC: Using SNC to Encrypt Traffic - Client/Server (No SSO)
Hello everyone, I am using SNC to Encrypt Client/Server GUI Traffic from Windows GUI clients to SAP AS ABAP running on Solaris 10. SSO is not a consideration in this configuration. I have read the...
View Articlehow to search authorization objects by field?
A developer wrote a custom report. It uses some fields that are sensitive. I tell developer he must write AUTHORITY-CHECK into the code and then he asks me "ok... I will do that, but which...
View ArticleHttp only cookie information disclosure vulnerability on sap net weaver...
HI Experts, after the penetration test we came to know that our portal server is having this issue can you please suggest me how to get rid off this. we are using SAP Net weaver 7.3 eph1 Apache 2.0...
View ArticleDuplications in Role assignments - Still a problem
Hello Everyone, Am a newbie to SAP Security. Could you please help me with the below question. Why SAP does not recognize the duplicate assignment of a role during the role assignment for a user ? For...
View ArticleIdentify Which External Applications are Calling Your RFCs
Question: Using RFC Web Services, how can remote calls to these RFCs be engineered in such a way as to be able to identify the calling server AND application name? What are the prerequisites for doing...
View ArticleIssue while trying to import metadata table MARA
Hi We have just performed a test with data service 4.1 and get the following authorization error. Error : cannaot import the metadata table <name = mara>. RFC callReceiver error...
View ArticleMaking Key figure Authorization relevant in Analysis Authorization
Hello, I want to make restriction on Key figure in analysis authorization. Please suggest how I can do that. I have made 0TCAKYFNM as auth. When I add 0TCAKYFNM this to analysis authorization it gives...
View ArticleSRFC implementation
Hi Experts, At present we have a scenario with RFC connection between web service to SAP systems. now we are planning to implement Secure RFC for the same sceanrio. So could you please suggest how to...
View ArticleUsing Profit Center as an Org Level in PFCG
Hello SAP Security Experts, We are considering making Profit Center an organizational level in PFCG. Specifically, we need RESPAREA to be made an org level to derive roles based on profit center...
View ArticleClik here to view.
Consuming a web service using a username token
Hello, I've to change an existing ws proxy to send a username token to meet our increased security needs. Therefore- I changed the the proxy configuration in the IDE from none to basic- I configured a...
View ArticleUser ID Issue
Hi, A user (Psmith) is having an issue running a query in portal. If we copy his/her account (Psmith) to another name (P1smith), he/she has no issue. We tried to deleted and recreated the account...
View ArticleAuth issue with the T-codeFMBB
Hi All, There is a issue with the T-code FMBB which is doesn't allowing to delete the attachment. Please provide the inputs to resolved the issues
View ArticleHow can I report variants executed in a dialog reporting transaction by a user?
Hello, We have a user that left the company. Is it possible to find all of the variants that a dialog user has executed in a reporting transaction? Thank you,Charles
View ArticleLdap client to install
Hi, I'm working on AIX 7.1, we installed ldap client package: idsldap.clt64bit63 Now, lslpp -L | grep -i ldap showsidsldap.clt64bit63.rte 6.3.0.3 C F Directory Server - 64...
View ArticlePassword prompt in CRM UI
HiEvery working day at 16:00 CRM Users get a pop-up "Server<CRM production server>onSAP Webapplication serverrequires ausername and password Warning: This server is requesting that your username...
View ArticleError establishing a mutual ssl between SMP server (java stack client) and...
Hi, I have problems establishing 2 way ssl connection between the SMP server (which acts as a client in this senario) which runs on java stack and SAP gateway system GKQ/G3T. I have imported the...
View Article