SAP Basis Recording customer infrastructure and consulting SAP® systems and operations

Direkt zum Seiteninhalt
Recording customer infrastructure and consulting SAP® systems and operations
SAP NetWeaver
SAP offers a huge toolbox of different technologies to support business processes. The usefulness of their use is essentially determined by the task and its technical requirements. We have gained a lot of valuable experience in the following technologies, which we would like to make available to you.

The tasks of a company's own SAP Basis department are currently undergoing enormous change, as SAP is also increasingly relying on cloud services. Strategically, completely self-hosted SAP systems are becoming rarer and the proportion of customers using an SAP system from the cloud is increasing. The new roles of SAP Basis employees tend to be "enablers" and coordinators between the cloud provider and internal IT and the business departments. Until that time comes, companies can also rely on external service providers to offer expert know-how as well as operational support for the transition period.

The website www.sap-corner.de offers many useful information about SAP basis.
Installation/upgrade of SAP systems based on SAP Netweaver
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.

In the result table USERTCODE are the transaction codes of the SAP users. Afterwards you simply have to output the complete list via "Object > Output complete list". Then save the list via "System > List > Save > Local file". The column Account contains the SAP user. This way you can see the used transactions grouped by SAP user.

For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.

This match type matches the indirect assignments of the selected single roles to the user assignments of all composite roles that contain the single roles.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.


By using an IdMSsystem, manual processes can be replaced by automated workflows that are mapped and administered centrally.
Zurück zum Seiteninhalt