SAP Security for Administrators
QUICK CHECK OF YOUR SAP SECURITY SETTINGS WITH THE XITING AUTHORIZATIONS MANAGEMENT SUITE (XAMS)
After the addition of Java Stack (the applications developed in J2EE, BSP, JSP, etc), the security standard for business processes was increased. Both ABAP and Java stack can be monitored from one platform. Netweaver supports standard protocols such as HTTP, SMTP, XML, SOAP, SSO, WEBDAV, WSDL, WMLSSO, SSL, X.509 and Unicode format (text processing representation).
A first important step was the introduction of playbooks to professionalize our work. Back then, SAP installation manuals were real tomes with hundreds of pages that often went around in circles and were anything but easy to understand....
Some useful tips about SAP basis can be found on www.sap-corner.de.
Virtualization of your entire SAP system landscape (some companies additionally operate an SAP HCM system, for example, which also needs to be virtualized)
In transaction PFUD (see image above), you can perform the user match manually for all roles (or selected roles). You can choose between the matchup types Profile Matchup, Matchup of Indirect Assignments from Composite Roles, and Matchup HR Organizational Management. According to SAP documentation, the matchups differ as follows: Profile Matchup: "The program compares the currently valid user assignments of the selected single roles with the assignments of the associated generated profiles and makes any necessary adjustments to the profile assignments. Matching indirect assignments from composite roles: User assignments to composite roles result in indirect assignments for the single roles contained in the composite role. This match type matches the indirect assignments of the selected single roles to the user assignments of all composite roles that contain the single roles. If the selection set contains composite roles, the comparison takes place for all single roles contained in it. HR Organizational Management comparison: This comparison type updates the indirect assignments of all selected single and composite roles that are linked to elements of HR Organizational Management. The HR adjustment is inactive and cannot be selected if no active plan version exists or if a global deactivation has been made by setting the Customizing switch HR_ORG_ACTIVE = NO in table PRGN_CUST. Furthermore, the option "Perform cleanup" is interesting, which can be selected independently of the three adjustment types and does not refer to the role selection. The Perform Cleanup function can be used to remove residual data that resulted from incomplete deletion of roles and the associated generated profiles.
Always the latest version: Your system will always be up to date and you will have access to the latest versions. Patches are performed by the external SAP Basis team.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Adding the organisational level to the master role Step 2: Define derived roles Create derived roles Assign the master role After you have created the master role, it is the derived roles that are in the process.
The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.
Before the project starts, it must be clear which systems are to be connected to the IdM and which services the system is to provide.