Is there a way to Read only SCUM tcode?
Is there a way to Read only SCUM tcode? If so , which object is it to modify?
View ArticleMessage authorization in IoT
In a threat modeling workshop for a specific scenario we discovered a message authorization issue. In the following I would like to repeat exemplarily the thinking that led to this discovery. The...
View ArticleInterpretation of authorization provided
Dear Experts, I am trying to identify users who have access to specific transaction codes. Considering T.Code ME11 (Create Purchase Information Record) as an example, following are the queries that i...
View ArticleThe Official SAP Global Security Space
As the leading provider in enterprise applications SAP has a long-standing responsibility to ensure security of its products. Secure software is not developed coincidentally. That's why SAP follows a...
View ArticleClik here to view.
Create Authorization Object Field behaving like ACTVT
Dear Gurus, I am currently trying to create authorization object field which should behave like ACTVT. That means when I click to maintain the field, the following window shows up, I can only select...
View ArticleConfiguring Secure Network Communication (SNC) between SAP systems and...
getting an error while provisioning user after configuring IT resource with SNC SNC steps followed 1. Creating SAP PSE sapgenpse get_pse -p SNCPSE.pse -x Password@123...
View ArticleClik here to view.
Single URL for internal (SSO) and external (no SSO) access ?
Hello, Environment # Client: O/S: Windows 7 Browsers: IE11 + Firefox 44 # Server O/S: Windows Server 2012 R2 BO BI 4.1 SP7 Web Server: Tomcat 7 + JRE 8_66 # Authentication Windows AD : 2012 Kerberos...
View ArticleAuthorization Object S_TABU_NAM
Dear Experts, With refernce to S_TABU_NAM, Is there any possiblity that S_TABU_NAM ovverides S_TABU_DIS in the system Pls provide some inputs RegardsKrishna
View ArticleAGR_1251 Modified field Values
Hi All, Can someone please explain what is the difference between the values in the MODIFIED (Object Status) field in ARG_1251: S Standart? ???G MaintainedM ModifiesU Manual
View ArticleIDP mobile logon page
Hey Experts, Sorry, I may be submitting this question in the wrong place, if so, please let me know.We use an IDP for authentication to our Fiori Launchpad. I have customized the logon page with our...
View ArticleMass Role Assignment using SECATT in ECC with EHP6 - Role Name parameter not...
Hi All, I'm trying to create a script in SECATT for Mass Role Assignment via SU10, upon recording when I create parameters, I don't see "Role Name" parameter. I tried several times creating it, but it...
View ArticleClik here to view.
Programmatically set (or change) the master role
Hi all. Is there a way, maybe a function, to set the master role of a single role?Fill the "Derive from role" field. I mean, other than a direct UPDATE AGR_DEFINE .... which works, btwI would prefer a...
View ArticleSecurity certification materials
Hello folks, I would like to go for SAP Security certification and I am looking some following .pdf file or any soft copy. I do have ADM940, ADM950 and ADM960. I am looking ADM900 and SAPTEC soft book...
View ArticleThe Official SAP Global Security Space
As the leading provider in enterprise applications SAP has a long-standing responsibility to ensure security of its products. Secure software is not developed coincidentally. That's why SAP follows a...
View ArticleHow to revert back changes of USOBT_C/USOBX_C tables
Hello, Mistakenly SU25 1st step (Initially fill the customer table) got updated which was not done since long (2008) and this has updated our USOBT_C/USOBX_C tables and we want to revert back our...
View ArticlePreventing removal of Payment Block "R" from vendor invoices in FB02
Hi all, We are trying to restrict the removal of Payment Block Reason "R" (Invoice verification) in transaction FB02. It seems like the normal way to do this would be to define Reason "R" as...
View ArticleWhitelist for dynamic destination
Hello, can someone explain me for what I can use the "Whitelist for dynamic destination" in SM59. The normal whitelists are maintained and the parameter rfc/callback_security_method =3. But now I want...
View ArticleClik here to view.
User Logoff event not recorded in SM20 for Logon type=A
Hi Security Guys, We are recording the audit logs for Dialog logon. The problem is the User Logoff event between two consecutive logons is not getting recorded sometimes for almost all users.Kindly...
View ArticleClik here to view.
Featured Content in Security
Join the SAP Cloud Identity Service Customer Engagement InitiativeInterested in sharing your feedback on planned features for SAP Cloud Identity service? Join our upcoming customer engagement...
View ArticleSAP Cloud Identity Service
OverviewThe SAP Cloud Identity solution is a cloud service for identity lifecycle management for SAP Cloud applications and on-premise applications. It provides services for authentication, single...
View Article