Channel: SCN: Message List - Security
Browsing all 5338 articles

Re: Access Cleaning in SAP ECC6.0

What do you mean by "Ask basis to revoke access to all tcodes not used by the users"? What do you expect from the basis team who administrate the system to invoke such a change and how? Cheers, Julius

Re: SM20 Reports

In BW you will definitely run into problems as they use this generation feature. They sometimes add table contents which are client specific, even if 000 covers most. It is a lesser evil and DDIC is...

Re: Access Cleaning in SAP ECC6.0

I doubt that the guru easily "found himself" in this dilemma. Usually the mess is old and passed on. Best option as the first question to ask is when a system consolidation or upgrade is due, and...

SAP PI vulnerability tool

Hi experts, Is there any tool oriented to check the PI vulnerability? A tool to identify adapter problems in the JDBC, SOAP and so on adapters, java/ABAP configuration risks in PI, security notes not...

Re: SAP PI vulnerability tool

I have only ever once seen anything remotely like that -> www.arianim.com. One of my customers uses it to analyse and document their channels and connections and their status, so it is more a PI / PO...

Re: SM20 Reports

You have SAP_BASIS version level lower than 7.40. "Security levels" fields have values:
ALL = Critical - Red
Critical = Important - Yellow
Severe and Critical = Non critical - Green
After you will have...

Re: SM20 Reports

Julius, Here is the system info: 1.00.83.00.395718 Kernel 721

SQ01 - Disable create/change button

We are currently on Basis release 4.6 C. I am trying to disable the Create/Change button in the SQ01 transaction. Following one of the SCN posts, I unmaintained the S_QUERY authorization object. This solution...

Re: SM20 Reports

Julius, I bow in deference to your knowledge of this area. It’s extremely helpful to get a thorough understanding on the nuances surrounding DDIC and SM20. Some background on me. I am an IT auditor...

Re: SM20 Reports

Przemyslaw, Now you tell me! How did SAP get that backwards? We have less than 7.4 as you can see in my post so that explains it. Now I need to do what I can to make the output more reasonable and...

Re: SM20 Reports

You have to be very careful with the advice which auditors give you... I will get around to the blog some time soon and ping this thread. Yes, there is an obscure SAP note about it - will track it down...

Re: In what case would you assign transaction to System User Type?

Hi, System user type has two significant properties: - Dialog logon is not possible with this - Security policy will not be applicable for this user type (e.g. password length, password expire time etc.) This...

Re: In what case would you assign transaction to System User Type?

I was aware that dialog logon is not possible here. I understand that the password does not expire. I know that it is most commonly used for RFC communications and Batch Job configurations. The response...

Re: Derived roles are getting overwritten every time when I update Master Role.

Lokesh, Master and derived role only should vary at Org level. I am not sure why you do specific changes only to derived role. Give more details about the requirement and see if you get any helpful...

Re: Derived roles are getting overwritten every time when I update Master Role.

Hi Lokesh, The main principle of derived roles is that they inherit all object level access from the parent with the exception of organisational levels. Using derived roles you cannot achieve your...

Re: In what case would you assign transaction to System User Type?

Hi Marianne, 1. Batch users (system user type) are often required to execute programs which may call transactions, perform BDC sessions using real transactions, processing failed IDOCS etc. Where there...

Re: Looking for information about "data breach notification process"

Hi Randolf, Unless you are referring to policy internal to SAP, data breach notification is generally technology agnostic and will vary based on local regulation. In the UK we have guidance from the...

Re: Could we restrict ability to approve hours in CATS_APPR_LITE and CAT7?

Hi, the easiest way is to activate authorization trace (ST01) and see what is being checked in CATS_APPR_LITE. If you can't find any standard object that will help with your requirement then I am sure...

Re: Looking for information about "data breach notification process"

I guess Randolf is asking if SAP has its own guideline how it's going to respond to data breach on HCP platform. I guess that's what potential customers of HCP are asking for. Obviously, SAP must...

Re: SAP Security weekly, Monthly, Yearly Activities

Hi, You are right to be concerned. What you are describing falls under IT General Controls (ITGCs) and I would expect all of the above to be covered by monitoring once fixed. Most importantly is...
