SAP Authorizations Use application search in transaction SAIS_SEARCH_APPL

Direkt zum Seiteninhalt
Use application search in transaction SAIS_SEARCH_APPL
Starting Web Dynpro ABAP applications
You should then enable the latest version of the hash algorithms by setting the login/password_downwards_compatibility profile parameter to 0. This is required because SAP systems maintain backward compatibility by default. This means that, depending on your base release, either the new hash algorithms will not be used when storing passwords, or additional outdated hash values of passwords will be stored. You should then check to see if there are any old hash values for passwords in your system and delete them if necessary. Use the report CLEANUP_PASSWORD_HASH_VALUES.

To do this, first define what information should be checked. In the SU20 transaction, verify that the required fields may already exist as permission fields. If you want to check custom fields, you must create your own permission fields in the transaction SU20. Please pay particular attention to the (F4) help provided. When defining customised permission fields, you assign a name in the Field Name field that is in your Customer Name Room and assign the corresponding data element and, if desired, a table name for a value help. The next step is to create your own authorization object and assign your permission fields and, if necessary, default permission fields. If you use the ACTVT field to validate the activity, you must use the Activities allowed button to select the activities that you want to validate from the source code of your programme. For recommendations on the naming conventions for authorization objects, see SAP Note 395083.
Deleting table change logs
In this case, please note that you may need to replace the SS table permission group with other table permission groups. This is required if you have entered a different table permission group when maintaining the table permission groups, for example, for the T000 table.

The Security Audit Log now logs the table or view name and the scheduled activity of external table access via RFC connections; a new message type has been defined. You can find this fix and an overview of the required support packages in SAP Note 1539105.

Assigning a role for a limited period of time is done in seconds with "Shortcut for SAP systems" and allows you to quickly continue your go-live.

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.

On the one hand, sensitive company data must not fall into the wrong hands, but on the other hand, they also form an important basis for decisions and strategic company directions.

To minimize the risk of a system failure or the creation of a security vulnerability, administrative rights should only be granted to employees in the basic administration.
SAP Corner
Zurück zum Seiteninhalt