SAP NetWeaver ABAP security configuration part 4: Unnecessary functionality
In our previous articles we have already presented the list of the 9 most important critical issues in business application security [1], covered patch management flaws [2] and provided the information...
Can the profile be removed from SAP role (having many profiles)
Hi Gurus, Please let me know if the profile can be removed from role having multiple roles. If so, what are the steps to be taken? Thanks, Vishal
Variable Authorization in BI
I have created a variable, and have marked it as 'Processing by Authorization'. But even if I do not do this, still then values can be picked up from Analysis Object. What exactly does this Variable...
Folder does not appear in SAP User Menu
Hello All, I have, of late, assigned a composite role to a user. This composite role has a folder in menu tab. So, the user should be able to see this folder in his user menu. However, user doesn't seem...
Concern on SAP Security
Hi All, I have come across a research finding on the vulnerability of SAP installations, in the link below. How and what are you guys putting in place to countermeasure these...
Analysis and Recommended Settings of the Security Audit Log (SM19 / SM20)
This document was generated from the following discussion: Recommended Settings for the Security Audit Log (SM19 / SM20). Contents: Recommended Settings for the Security Audit Log (SM19 / SM20); Profile...
Multiple-Domain SSO Kerberos Authentication
Currently we are set up for SAP SSO using MS Kerberos exactly as described in SAP's guide at: http://help.sap.com/saphelp_nw70/helpdata/EN/44/0ebf6c9b2b0d1ae10000000a114a6b/content.htm Please think of...
Generated Analytic Privileges from BW Analysis Authorizations
Hi Experts, I need some information. We are using BW on HANA in our landscape. In BW, DSOs are being used as info provider. While activating DSOs, our developers select the check box "External SAP...
Re-assign permissions for deleted BOBJ group
Hi, I'm at the intersection of SAP Business Objects [BOBJ] and SAP Security (perhaps this fits better in another forum). I have a BOBJ Enterprise group which was deleted accidentally and I need to...
Able to create for all article types (MM41)
Hi All, Our functional team is creating articles using MM41 tcode. They were able to do the same for all article types & wanted to restrict for only 2 article types. We asked them to link...
Authorization field for SAP Standard Field
Hello All, I am having a query on Authorization field creation. We are having a field name "Follow Up Material" or NFMAT in MM01/MM02/MM03 Transaction under MRP4 Tab. I have checked if there is some...
SAP Security Notes May 2015
SAP has released the monthly critical patch update for May 2015. This patch update closes a lot of vulnerabilities in SAP products, some of them belong in the SAP HANA security area. This month, three...
API to add Actions to Role
Hi, This is in reference to com.sap.security.api. I am looking for a way to add Actions to Role. Tried the following: IPrincipalMaint principalMaint =...
Is there a possibility that even when you remove a t-code from a role,...
Hey all, I would like to know if there is a possibility that authorizations get added to roles when you remove t-code from it... Kindly help me understand why this could happen or what can I check to...
User X not authorized to logon directly error
Hi, One of our users is experiencing an error while logging in to the system which says "User X not authorized to logon directly". The user type is Dialog. User is not either expired or the password is...
ME21N restriction by material types
Hi, We would like to restrict ME21N access by material type. I believe this is possible by turning on the authorisation check in SU24 for ME21N transaction for authorisation object M_MATE_MAR and once...
Can a .Net application get the LogonTicket of an authenticated portal SSO...
A customer uses a portal with SSO from Windows clients. At the Windows client the users log in to an AD domain and in the browser they authenticate themselves at the portal and work the whole day with this...
Validate Keystore from mapping java UDF (SAP PI 7.4 java only)
Hi. First I try to explain the situation. We have interfaces with AFIP (government agency in Argentina for tax, electronic invoice...) We don't use the standard scenario for this (that in the SAP Note...
Plant Level Security to hide costing
We need a way to hide costing in one plant in company 001 from all other users in other plants in the same company code (001) For example - we have 50 plants and 50 sales orgs in company code 001....
What table is a user's language in?
The end result I desire is a list of the language from the communication tab of a user profile. (This is different than the one under the defaults tab.) Langu_p is the field name. spras is the data...