Clik here to view.
Authorization Missing, when all the activites are maintained
Hello, We are configuring WebService and while checking for technical settings, system throws an error that the WebServices user is missing authorization S_SRT_UASG. Upon verifying, I saw that the...
View ArticleBusinesses are not doing enough to fight threats...
Eighty-eight percent of the respondents to the Global Information Security Survey (GISS), “Creating Trust in the Digital World”, conducted in 2015 by Ernst & Young (EY), do not believe that their...
View ArticleCUA to Child users
We just had a QA system refreshed after the refresh we have a list of about 20 to 30 users who were lost. They simply do not exist now.However they are still in the CUA system fully intact. This...
View ArticleAuthorization problems after transporting role
Good day, gurus. I'm facing an issue after transporting a role to PRD system. Role tuning was performed in QAS system and it was required to give specific authorization to "store location (LGORT)" and...
View ArticleClik here to view.
Featured Content in Security
Now Is the Time to Invest in a New Approach to Information SecurityWith threats to IT security increasing, your organization must prioritize cyberthreats, develop countermeasures, and integrate them...
View ArticleBetter way to query multiple tables of SAP
Hi Experts,I am using BAPI RFC_READ_TABLE for querying tables of SAP in my application written in java. But the limitation of the BAPI is that I can only access and apply filters to one table.In my...
View ArticleCost centre group restrictions in ECC
Hi Team, Currently we are having restrictions on individual cost centres and we would like to reduce the role count/ easy maintenance by restricting cost centre groups. I have followed below steps to...
View ArticleUSMM: Classifying users
Hi all, The document on USMM mentions, Extended list. But i do not find this option. i have SAP BASIS 702 SP16. Could you suggest where this option i9s available. RegardsPlaban
View ArticleSICF http Handler - Authorization Header not available
Hi all i am facing a problem with HTTP Basic Authentication Headers.I have the requirement to implement Basic Authentication against a customer table. Therefore i have implemented a http handler where...
View ArticleExtn Nos gets concatenated with Telephone numbers in SU01
Hello Guys I have got a situation where 1000s of telephone records of SU01 has changed . The Extension numbers has concatenated with Telephone numbers . There is nothing which can be seen in Change...
View ArticleFirefighter Users without SAP GRC AC possible?
Hello, Transaction /VIRSA/VFAT does not exist on my client's ERP system.I assumed that this is a standard transaction in ERP. Does this only come if a SAP GRC AC is implemented? The client does not...
View ArticleCentral User Administration Retention of Change Logs
Hello, Our BASIS team will be spinning up a new box for Solution Manager and will be decommisionning the old one which was used for CUA. Please advise on what the recommended approach is to retain the...
View ArticleClik here to view.
want to block payment transaction data field for some users
Hi All, Good day..... I want to restrict the payment transaction field in XK02(change vendor) for some users, say intenders. For Sr GM only i want to enable the payment transaction in XK02. I only...
View ArticleAuthorization change not available for query...
Hi all,I've searched the forum on this topic but with no result. I've got users who are not able to modify a query after copying it. It comes up with error message:"Authorization Change not Avaialbe...
View Articlenetwork segregation, audit compliance vs. functional optimization and simplicity
We are embarking on a redesign of our network architecture based on software-defined networking (SDN - Cisco Nexus 7k/9k/ACI). In the discussion we hit a dispute about whether or not to segregate...
View Articleduplicate authorization objects in custom roles for user
Our company never had anyone to manage the roles of the users. When user request access to certain transactions, we simple just added the transaction in one of the roles we thought it would fit the...
View ArticleAcknowledgments to Security Researchers
The SAP Product Security Response Team thanks all researchers and security IT professionals that help with discovering and solving security vulnerabilities. Their findings continuously help SAP...
View Articlepo release authorisation based on po document type
hi everyone how can i restrict po release authorisation based on po document type i found one object M_EINK_FRG but here only release group and release code is there i want to add po document type also...
View ArticleClik here to view.
Segregation of roles: authorization object/activity
Hello, This question might sound basic to many of the user of this forum, but I would like to obtain a clear answer from a trusted source In the following example:Role A: Transaction code FB50 -...
View ArticleClik here to view.
Network Threats on the example of Advanced Persistent Threats (APTs)
In the previous posts I talked about finding abnormal activities using the ETD. This time I like to talk about network threats and give you some example of advanced persistent threats (APTs). It is a...
View Article