What is the basic difference in using SM30 and SE16 to get the data from the tables.
Also, Is there any use in preventing the users the use of SM30 from the security point of view.
Thanks, DVRK
↧
SM30, SE16
↧
usage of SM18, SM19, SM20
please explain the usage of transaction codes SM18, SM19, SM20 in SAP, for audit.
Regards
Puneet
↧
↧
How to display users with their assigned roles and transaction codes
Good day,
I would like to list users with their roles and transaction codes. I do not find any option in SUIM that can display them in a single page where I can print them out easily. Is this possible?
Thanks!
↧
Edit function removed from SE16N transaction, reports and interface FM
↧
Impact of SAP ECC6.0 upgrade from EHP4 to EHP6, Security perspective.
Hello,
Our client is planning to upgrade SAP ECC6.0 system from EHP 4 SP6 to EHP6 SP5.
I am unable to find appropriate documents/discussions that will tell me if it has any impact on SAP Security infrastructure.
If yes, any pointers from where I can get information to estimate the efforts required ?
We had a considerable impact when we applied EHP4 on ECC 6.0.
Would EHP4 to EHP6 have similar impact ?
Thanks,
Kshitij
↧
↧
How to stop sapstartsrv and sapstart processes ?
Dear all,
I'm looking for a way to deactivate the sapstart and sapstartsrv processes which keep running every time I stop the system (NW04s on AIX 5.2).
I checked the SAP notes 823941 and 936273 but they only explain how I can configure the SAP MMC better, but I'd like to get rid of it (as it's a security risk if someone knows the ports).
I tried it by removing the entry in /usr/sap/sapservices, but that didn't change anything.
Does anyone know what I can do that these processes would not be startet in the future?
Best regards
Cornelia
↧
No RFC authorization for function module RFCPING
Hello Experts,
We are getting "No RFC authorization for function module RFCPING" though i can see the we have the following authorization in the role.
| Manually Authorization Check for RFC Access | S_RFC |
| Manually Authorization Check for RFC Access | SECLCKSUSP00 |
| Activity | 16 | ACTVT | |
| Name of RFC to be protected | SCT2, SDTX, SU_USER | RFC_NAME | |
| Type of RFC object to be prote FUGR | RFC_TYPE | ||
Can some please help me if he has faced the same error or have any kind of solution on this.
Thanks in advance
↧
Security interview questions - some fun to tickle your brain.
Hello gurus,
I know that posting interview question series are not allowed if the person has not put in any effort, but I have and folks seem to want to practice a bit sometimes so I take the liberty of creating a central one.
Tackle one or all of them to test your knowledge.
There are no model answers.
If you want to suggest additional ones, then please contact me.
The rules
Flaming of answers is allowed.
Funny answers earn a beer (or cup of tea).
There are no points.
1) When PFCG proposes 3 activities but you only want 2, how do you fix this?
2) What is the use of transaction PFUD at midnight?
3) Is PFUD needed when saving in SU01 and does the user need to logoff and on again after changes?
4) How are web services represented in authorizations of users who are not logged on?
5) How do you force a user to change their password and on which grounds would you do so?
6) What is the difference between SU24 and SU22? What is "orginal data" in SU22 context?
7) When an authorization check on S_BTCH_JOB fails, what happens?
8) Can you have more than one set of org-level values in one role?
9) Should RFC users have SAP_NEW and why?
10) What is an X-glueb command and where do you use it in SAP security?
11) What is the disadvantage of searching for AUTHORITY-CHECK statements in ABAP OO coding and how does SU53 deal with this?
12) In which tables can you make customizing settings for the security administration and name one example of such a setting which is usefull but not SAP default?
13) Can you use the information in SM20N to build roles and how?
14) If the system raises a message that authorizations are missing but you have SAP_ALL, what do you do?
15) Name any one security related SAP note and explain it's purpose or solution.
16) What are the two primary differences between a SAML token profile and a SAP logon ticket?
17) Where do you configure the local and global settings of the CUA and what are the consequences of inconsistent settings?
18) If you have users in different systems with different user ID's for the same person, what are your options to manage their authorizations centrally?
19) Explain the use of the TMSSUP* RFC destinations and the importance of the domain controller?
20) Why should you delete SAP_NEW profile and which transaction should you use before doing so?
To be continued...
↧
Transaction codes for roles
Hi,
How can i see all the transaction codes with T.codes assigned to one role. Becuase in PFCG we can't see the t.codes in the menu tab
Thanks,
Satya
↧
↧
SAP User tables
Hello Everyone!
Is there some sort of SAP table that retains a little bit of user info (i.e. full name) after it has been inactive from SAP system? Because reports appear with blank user field when the user has already left the company. It could be a problem with the auditors.
Thanks in advance!
/Olyn
↧
SAP GRC Access Control 10
Hi Guys,
I have been asked to setup GRC access control 10 on our Solution manager 7.1 sp9.
i have installed the ABAP Component GRCFND_A V1000 sp08 and GRCPINW V1000_700.
We have ECC landscape where we want to monitor the access to users.
So do i need to install the ERP plug-in also?
And how can i configure and use access control 10.
In Virsa we to execute /n/virsa/zvrat to check for conflicts and use rule architect to setup rules.
How can use acesss risk analysis in AC 10.
Please guide.
Thanks in advance..
Regards
↧
How to display users with their assigned roles and transaction codes
Good day,
I would like to list users with their roles and transaction codes. I do not find any option in SUIM that can display them in a single page where I can print them out easily. Is this possible?
Thanks!
↧
Error during the retrieval of the logon data stored in secure store
Hi,
after a system copy from PRD to QAS, I tried to reconfigure the Transport Management System and got the following error message when adding the QAS system to the transport landscape:
RFC communications error with system/destination DOM_CTL
An RFC error occurred in the TMS communications layer.
Target system: DOM_CTL.(000)
Function: TMS_CFG_CREATE_A2D_REQUEST
RFC message: Error during the retrieval of the logon data store
Error during the retrieval of the logon data stored in secure storage.
What should I do to correct this?
Transaction SECSTORE doesn't show any relevant errors...
thanks
Antonio
↧
↧
Impact of SAP ECC6.0 upgrade from EHP4 to EHP6, Security perspective.
Hello,
Our client is planning to upgrade SAP ECC6.0 system from EHP 4 SP6 to EHP6 SP5.
I am unable to find appropriate documents/discussions that will tell me if it has any impact on SAP Security infrastructure.
If yes, any pointers from where I can get information to estimate the efforts required ?
We had a considerable impact when we applied EHP4 on ECC 6.0.
Would EHP4 to EHP6 have similar impact ?
Thanks,
Kshitij
↧
Last accessed date on a SAP table and user's activity on a transaction
Hi,
- Is there a way to find out (using transaction/table) last accessed date on a SAP table and who accessed it?
- Is there a way to find out (using transaction/table) user's activity on a transaction? (when was the last time user accessed a particular transaction)
Thanks,
Karan.
↧
SM30, SE16
What is the basic difference in using SM30 and SE16 to get the data from the tables.
Also, Is there any use in preventing the users the use of SM30 from the security point of view.
Thanks, DVRK
↧
Difference between Role & Profile
Hi
I created users through SU01 and assigned the profiles e.g SAP_ALL, SAP_NEW etc.
When i created profile using profile generator and assign, it assign to Role & Profile .
Can you please clearify for me the concept beteen Role & Profile
Thanks
↧
↧
Impact of SAP ECC6.0 upgrade from EHP4 to EHP6, Security perspective.
Hello,
Our client is planning to upgrade SAP ECC6.0 system from EHP 4 SP6 to EHP6 SP5.
I am unable to find appropriate documents/discussions that will tell me if it has any impact on SAP Security infrastructure.
If yes, any pointers from where I can get information to estimate the efforts required ?
We had a considerable impact when we applied EHP4 on ECC 6.0.
Would EHP4 to EHP6 have similar impact ?
Thanks,
Kshitij
↧
Edit function removed from SE16N transaction, reports and interface FM
↧
Last accessed date on a SAP table and user's activity on a transaction
Hi,
- Is there a way to find out (using transaction/table) last accessed date on a SAP table and who accessed it?
- Is there a way to find out (using transaction/table) user's activity on a transaction? (when was the last time user accessed a particular transaction)
Thanks,
Karan.
↧