Dynamic Authorization at SAP BI Query execution
Dear Friends, Good Day! I have a strange requirement in SAP BI Reporting authorization. I have suppose 10 free characteristics in my query, COMPANY CODE is one of them, so requirement is when End user...
View ArticleSAP SSO with X.509 automate process with RSUSREXT
Hi,we trying to implement SAP SSO with x.509 certificates for HTTPS access (NWBC)Environment is: Windows 7 clients, Internet explorer, Netweaver ABAP 7.31 on Win 2008 r2, Win PKI. I've done the...
View ArticleUCON RFC Basic Scenario - Guide to Setup and Operations
To help you keep up with ever-growing security challenges, SAP NetWeaver 7.40 includes a new framework, Unified Connectivity (UCON), for securing Remote Function Calls (RFCs) in ABAP-based systems....
View ArticleNeed to give REVOKE CLOSE option in CO02 only for selective users
Hello, Need to Restrict Revoke Close Option in Tcode CO02 (Under Functions - Restrict Processing - Revoke Close) through Role/Object Level. Can any one suggest how to control this . Need to give...
View ArticleClik here to view.
mm02 tcode attacment list remove procedure
Dear Experts, MM02 Tcode security issue In MM02, mention the material number and choose the Basic view & click on "Attachment list" as shown belowOnce you click on attachment, you can see the...
View ArticleClik here to view.
APO Authorisation - Missing button in /SAPAPO/SDP8B
Hello Dear,I am trying to add a KF in a Dataview from in APO under transaction /n/SAPAPO/SDP8B, but I am not getting a Complete button to save the changes (as shown below from Q environment). I tried...
View ArticleBex query structure authorization error when copying to Y name
Hi Gurus, We are having a issue in BEX query. As per design, our IT team can copy Z queries to Y queries and modify/create Y queries in production but they cannot update/change Z queries. One of the...
View ArticlePermissions issues when trying to execute an external command
HI I am very new to SAP and was hoping for some guidance : As an administrator I created an external command in sm69 - a unix script that delete files on the app server.it works fine for me , with an...
View ArticleFor SSL certificate maintenance (renew) - restart requrired
Hello Colleagues, after certificate maintenance (renew) under ABAP at Trust Manager (Transaction STRUSTSSO2) is there any system restart, ICM service restart (still) required? System is SAP PI 7.31...
View ArticleWhy object M_MATE_NEU?
Hi together In different Retail systems we have (now) the object M_MATE_NEU which is used o.e. in transaction mm41.Until now we inserted the object in the roles whit mm41 because is needed to create...
View ArticleList of Developer Keys in the production enviroment
Can anybody tell me how to obtain a correct list of users with developer keys. There are currently two ways of getting a list of users with developer Keys (1)Generate a list through the SAP support...
View ArticleProblem with PRGN_INTERFACE_USER deleting SAP_ALL and SAP_NEW.
Hi all. I'm having trouble deleting of users with sap_all and sap_new. I am using the FM PRGN_INTERFACE_USER but is not solving the .Passo following parameters: Profile: sap_all, user: ALEBWSEMBPS,...
View ArticleUnified Connectivity (UCON)
To help you keep up with ever-growing security challenges, SAP NetWeaver 7.40 includes a new framework, Unified Connectivity (UCON), for securing Remote Function Calls (RFCs). RFCs are a central...
View Articlein which version of NetWeaver Unified Connectivity (UCON) is available?
hi all, I just learned about Unified Connectivity (UCON) from this document: How-To Video Guides for More RFC Security with Unified Connectivity (UCON)However if I try to run tcode UCONPHTL it is not...
View ArticleGateway Security: reginfo, secinfo, gw/acl_mode - how to set?
Hello, our EWA complained Gateway Security Settings.Gateway Access Control List (reg_info/sec_info) contains trivial entriesParameter gw/acl_mode can be set to 1. SAP recommends setting gw/acl_mode to...
View ArticleBlock the authorization in QM results recording
Hi All... I am a QM consultant ...Have some problem reg authorization...we have 2 level of authorization in QM module.Where 1st level is only allowed to record the results, they should not be allowed...
View ArticleOM Authorisations - PLOG
Hi During a recent review of GRC rule sets for HR, I came across certain OM Tcodes for which Object PLOG is not being checked, instead only P_ORGIN is being checked in the ruleset. i.e the SOD...
View ArticleClik here to view.
Designing for Security
There are two distinct ways on how you can build security into your software: have your software tested and/or hacked, and start applying technology to plug the holes and keep the bad guys outthink...
View ArticleNeed help reg this auth object..
Hi All, We some times see that though there is no authorization error, functional consultants when they execute tcode ' SU53 ' they get the result as ' S_USER_PRO ' auth object. As most of them doesn't...
View ArticleClik here to view.
Password-hash calculation
hi!passwords of our internet users are stored in BAPIUSW01-PASSWORD as a password hash. The hash is calculated by the system-call XXPASSNET. After we changed the password ruleset (kernel parameters...
View Article