Clik here to view.
Query User Group Mapping To Role
Dear All, I understand that a query user group can be mapped to one authorization role, this is standard behavior (Transaction SQ10). However, when I look in my current system (DEV) I can see that more...
View ArticleIssue with HR Security
Hi All, Iam facing issue with HR Security currently working in Migration project as part of project requirement created single roles and assign the t-codes and maintained infotypes. Now when they are...
View ArticleUsing eCATT and removing roles in SU01 screen
Hi Team, I am using eCATT and trying to remove the roles from SU01 screen, My current SAP system is EHP7 for SAP ERP 6.0.The test script created in SAP ECC 6.0 is working fine, however the same script...
View ArticleDeactivate password for users (mass) with SSO
Hello Experts, I am trying to enforce SSO only access on production users (no more user name password, only this option is allowed for admin) by deactivate password for users.I can do it for single...
View ArticleAuthorization object B_BUPA_FDG
Hi, We are working on tightening our authorizations on business partners.We have introduced the B_BUPA_FDG, so on field group.Also field groups have been added to customizing (define field group for...
View Articlecan we lock the Transaction codes at Plant level or at company code level ?
can we lock the Transaction codes at Plant level or at company code level ? We have a requirement that users form one plant should be blocked form posting the identified transaction for specified...
View ArticleHow to add a TCODE to multiple roles
Hello everyone. I need to add a TCODE in 685 (not derived) roles.The roles are simple, so I need to import the Menu of the composite role after adding the transaction. Anyone know a 'shortcut' for...
View ArticleAES encryption using ABAP FMs or class methods
I am trying to encrypt a string data using AES 128 method. in java, I could use SampleEncryptDecrypt oSed = new SampleEncryptDecrypt();//byte[] key = oSed.generateKey(128);String str1 =...
View ArticleClik here to view.
Got the feeling you lost control of your SAP Infrastructure security? SAP...
Let's face it, securing your entire SAP biosystem is not an easy task. Apart from securing your roles and custom made source code, you also need to secure your Infrastructure. This means hardening...
View ArticleImporting sagenpse generated pse
Hi All, I have genereated a new pse for dual stack XI system with the following command:sapgenpse gen_pse -a sha256WithRsaEncryption -s 2048 -p SAPSSLS.pse -x ######## -r <filename>.req...
View ArticleClik here to view.
SSF in ABAP
Dear All, Even though of the very good documentation of ssf and ABAP, I open this thread (Please excuse my bad English. I'm German and I hope you can identify the sarcasm of the sentence!). I want to...
View ArticleUser Group org unit
Hi guys, I have an issue with user group (S_USER_GRP) when I create role in my dev system with SU01 or any other security T-codes that brings authorization object S_USER_GRP but some reason it doesn't...
View Articleldapmodify Department Head/Manager
Hi, I have done a program in which i am changing the attributes of Active directory through SAP/ABAP FM 'SPLDAP_RECEIVE_ATTRIBUTES'.By using this FM i am able to change active directory fields e.g;...
View ArticleCUA - System Refresh
Hello,I am new to CUA and need help in determining the pre and Post steps for CUA during the System Refresh. The System Refresh is performed on the Child System and after the Refresh my original users...
View ArticleClik here to view.
Authorization in SAP via SMS
Hi, guru!Our customer wants to use two factors authorization to log on SAP. After entering login and password user will recieve 4 digits temporary code which also entering in log on page. Anyone try to...
View ArticleClik here to view.
Deleting authorization objects
Hi, I get the following error message, when I try to delete an authorization object from su21 which is no longer required, Please tell me how to delete the authorization object. Thanks and RegardsTaiyab
View ArticleCan we trace the changes made to a role(already moved to PRD system)
Experts, Is there a way we can trace the changes made to a role? I want to refer to the changes made to a role on a particular day and moved to PRD system.(ex: updating an object field values) Can we...
View ArticleCustom object vs Role transport dependency
Hi Experts, We built a custom auth object which got transported to QA before PFCG role but still the PFCG role is not generated via transport. Role is fine in Development. Can anyone please advise if...
View ArticleSpool naming convention and spool authorisation groups
Hi Guys, Could you please point me in the right direction. I have a task to create spool authorization as follows:HR officer should access only their own spools - This is ok, done and working...
View Article