What tables contain transaction code usage?
Customer does not have GRC installed, and does not have security auditing turned on. They want to create a report that allows them to select transaction code usage for a specific tcode or wildcard...
View ArticleSession time out setting to disconnect SAP user or plugin Http
Hi, Is there any way or settings to be made in which the R/3 system can disconnect the user when the SAP session is left idle after a certain time for specific user? I know the parameter which effects...
View ArticleClik here to view.
How to distribute new object from org level
Hi Expert, I'm trying to create a new object: MATKL to org level through program: PFCG_ORGFIELD_CREATE. But I find there are only distribute to all roles. Could you advice if it can be distribute by...
View ArticleRecommended Settings for the Security Audit Log (SM19 / SM20)
Hi Security-Folks, I like to discuss with you the recommended settings for the Security Audit Log (SM19 / SM20). Here's my proposal: Profile Parameters: rsau/enable = 1rsau/selection_slots =...
View ArticleClik here to view.
Configuring SAP SNC without Single Sign-On on UNIX/Solaris/Linux
So, you want to enable SNC (without Single Sign On -- SSO) in your environment? You have Solaris (or other UNIX) and you don't want to pay for third party libraries? SAP has a solution for you! But...
View ArticleSAP, OpenSSL, and Heartbleed
I'm sure by now everyone has heard more than they wanted to about the latest vulnerability sweeping the Internet. As far as I can tell, SAP NetWeaver systems don't have any built-in OpenSSL components...
View ArticleUser XYZ has no authorization for tp command IMPORT
Dear friends, We have several users who are facing the issue while importing TR in QA system from DEV system. We have checked with the users by assigning them SAP_ALL and even then they are facing same...
View ArticleClik here to view.
Plant Level Restriction in Tx. OX09
Hi, I have an requirement to make restriction at plant level while executing transaction OX09. i checked transaction and found it is using SM30. But while executing this transaction i receive below...
View ArticleWhat is the need of Costum T-code ZSE16N.?
Hi,What is the purpose of costum t-code of table view(ZSE16N)..? SE16N itself is a display t-code and the table restrications are done through S_TABU_DIS and S_TABU_NAM configeration..
View ArticleNeed advice for transportation of Derived and parent roles
Hi, Good day to all.. I have a query regarding role transports involving Parent and derived roles.1. I know that when we transport Derived (Child) roles, the Parent role gets included in the Transport....
View Articleremote host supports the use of SSL ciphers that offer weak encryption
Dear All, Our Internal security audit suggests to avoid the use of Week SSL ciphers for our SAP PI 7.0 servers. We have followed the SAP note 510007 - Setting up SSL on Web Application Server ABAPas...
View ArticleHeartbleed: Don't change your passwords (yet)!
For the two people that have not heard of the OpenSSL Heartbleed-Bug yet, let me start with a short explanation (taken from Heartbleed Bug): "The Heartbleed Bug is a serious vulnerability in the...
View ArticleFeatured Content in Security
Wanted: Your Insights and Feedback on SAP Product SecurityEnsuring software security is a top priority at SAP, and development teams are continuously working on improving the security features of our...
View ArticlePreparing test cases for authorization objects
HI Every one, I am preparing test cases for on e of the role assigned to a user, In the ROLE i am having below authorization objects will you please help me how can i prepare test cases for the below,...
View ArticleClik here to view.
User mapping - Trusted RFC - 2 SAP Systems
Hi, we have a problem regarding different user id´s in 2 SAP systems. We have a global SAP system and a local SAP system. On our global SAP we have a BSP application. This BSP writes data into local...
View Articleminimum Authorization SAP user to extract data using sap connector
Hi Experts, We have our own application which uses SAP connectors(JAVA and .NET) to connect to SAP system to extract all the metadata.for this we make connection with SAP in our application using SAP...
View ArticleClik here to view.
Remove multiple roles from multiple user.
I want to remove multiple Roles from multiple users but there is also condition that in all user there is no all roles exist.in some user there is one or two roles or more roles are not exist .so give...
View ArticleAuthorization Object Error
Hi All, I added an object M_MATE_WRK in the master role and generated the profile for derived role as well.The necessary derived roles have the object now.When user runs a custom t-code which needs...
View ArticleRead Access Logging: Overview Presentation
The Read Access Logging tool for SAP NetWeaver Application Server ABAP allows you to monitor and log read access to sensitive data. This overview presentation explains in detail how you can use the...
View ArticleUser list for role & tcode
Hi, How to find the list of roles and tcodes assigned to a user, is there any specific table for the same. Thanks, Venkatesh
View Article