Quantcast
Channel: SCN: Message List - Security
Browsing all 5338 articles
Browse latest View live

Re: The auth values are there in the role but it is not showing in SE16 and SUIM

:0
:0
November 2, 2014, 10:23 pm

Exactly ! I am not sure. Maybe the implementation team might have done. I am in the support phase.. Can you please let me know what kind of customization in 1252 allows this kind of behavior..  Thanks...

View Article
Search

Re: Access to ABAPER On Production

:0
:0
November 2, 2014, 11:50 pm

Hi, Is there a SAP note which recommends that there shouldn't be any developer with a developer key in the production system? Please let me know. Regards,

View Article

Re: Access to ABAPER On Production

:0
:0
November 3, 2014, 12:11 am

basic security 101 due to risk

View Article

S_RFC can´t be adjusted in PFCG

:0
:0
November 3, 2014, 5:29 am

Hi experts, I have a question regarding the authorization object S_RFC. I have a role which should extend this authorization object. The object can´t be maintained via the role in the Permissions tab...

View Article

CL_HTTP_CLIENT trying to use SSLv3, even though it's turned off?

:0
:0
November 3, 2014, 8:24 am

I'm trying to eliminate the use of SSL 3.0 following the POODLE vulnerability disclosure. However, something is broken and I'm not sure how to un-break it. It might be a fundamental flaw. I'm trying to...

View Article

Re: CL_HTTP_CLIENT trying to use SSLv3, even though it's turned off?

:0
:0
November 3, 2014, 9:07 am

Update: I found the problem. The error message is completely unhelpful, but if one of the cipher suites supported by SAP isn't available on the server with which you're trying to communicate, then even...

View Article

Re: CL_HTTP_CLIENT trying to use SSLv3, even though it's turned off?

:0
:0
November 3, 2014, 12:05 pm

Hi, regarding wrong prefix. There seems to be a legacy reason mentioned here. This means that there does not seem to be a way to disable SSLv3 in ABAP AS. What happens if you allow...

View Article

Re: S_RFC can´t be adjusted in PFCG

:0
:0
November 3, 2014, 12:11 pm

Hi, you should handle RFC enabled FMs as transactions. So you can maintain authorization defaults for them in SU24, Then in PFCG  you can add authorization default for RFC function module. This will...

View Article
Search

S_OC_ROLE authorization object with Administrator

:0
:0
November 3, 2014, 12:28 pm

Hi, May i know what are the possible options we will get with S_OC_ROLE with Administrator value. When i launch SOST transaction to see Out bound emails, it checking these values. if we don't have...

View Article

Re: after run PFCG_ORGFIELD_CREATE, still can not modify the new org. level

:0
:0
November 3, 2014, 2:47 pm

Hi, Frank. We've had the some trouble recently and I paid my attention to the fact that the table USVART is language dependent. If a data element is a custom one (z*) and was created inaccurately, then...

View Article

Re: S_RFC can´t be adjusted in PFCG

:0
:0
November 6, 2014, 4:53 am

Hi Cheers, thanks ! SalutiIlona

View Article

Re: Recommended Settings for the Security Audit Log (SM19 / SM20)

:0
:0
November 6, 2014, 5:12 am

How to log critical debugger events: Using the debugger in general might already be seen as critical but using debug-replace is considered as very critical by all auditors. The corresponding Security...

View Article

SAP Audit for Client Dependent Config Tables and more

:0
:0
November 6, 2014, 6:59 am

So we recently got audit concern about users being able to access certain functions.  However I seem to be at a loss in trying to figure out how I would find out where these are setup to give access to...

View Article

Re: SAP Audit for Client Dependent Config Tables and more

:0
:0
November 6, 2014, 7:20 am

SE11 and SE80 is where DD Object changes are made. Neal

View Article

Re: SAP Audit for Client Dependent Config Tables and more

:0
:0
November 6, 2014, 7:31 am

The users who came up on the audit don't have access to either of those.  Could it be something else?

View Article
Search

Re: SAP Audit for Client Dependent Config Tables and more

:0
:0
November 6, 2014, 7:48 am

Your auditor needs to tell you how they think that those folks are going to be able to change a DD object.  My response would be that the only way that I know of to change that is using those...

View Article

How to audit customer display transactions?

:0
:0
November 6, 2014, 8:42 am

Dear colleagues, Do you know a mechanism to keep trace of all the customer display transactions in detail? I mean, is it possible every time a user execute a transaction where customer information is...

View Article

Re: How to audit customer display transactions?

:0
:0
November 6, 2014, 11:20 am

Carlos, Only transaction I am aware of that will allow you to keep track of clients transactions would be ST03N. Not sure if that answers exactly what you were looking for.

View Article

Re: How to audit customer display transactions?

:0
:0
November 6, 2014, 12:27 pm

Hi, Read Access Logging may do what you need: Read Access Logging (RAL)

View Article

Re: How to audit customer display transactions?

:0
:0
November 6, 2014, 12:41 pm

Great, that's exactly what i'm looking for!

View Article
Browsing all 5338 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>