Re: Password synchonisation between two ERP systems
Hi, As far as i know, you can use SAP IDM to set password and distribute the password to managed systems. For shared PC, SAP SSO 2.0 SP05 supports RFID Identification which might be useful in your...
View ArticleRe: Password synchonisation between two ERP systems
Hi, just to add to this. Generally, password synchronization is a bad idea. It's error prone and should be replaced by SSO. As mentioned by Jim there are solutions that target retail environment where...
View Articlewhen I run rvkred09, always get the log of "object requested is currently...
Dear friends we have sap and fscm together, now our business users ask for automatically credit check for order and delivery, so we find the standard credit check report rvkred09, but when we test this...
View ArticleRe: when I run rvkred09, always get the log of "object requested is currently...
Moved from SAP ERP SD Sales to Security
View ArticleSPRO Restriction based on userid
Hi Experts, i am new to the security, kindly help me in below issue. i need to restrict the SPRO based on the module wise. i have create the new project under SPRO_ADMIN and assign user and user can...
View ArticleRe: list users with multiple transactions
Hello, many thanks for this answer, I'm not so far from the result. I obtain a result, but with a OR condition between Tcodes. I have users with Tcode1, OR Tcode2, OR tcode3 etc... What I need is users...
View ArticleSAP ECC - Authorizations tcode PA20/PA30
Hi all, I have a doubt about how the system identifies the values associate to PA20 and PA30 transactions in a role with this two transactions. Both transaction have the object P_ORGIN but when keep...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Hello Pedro, If you check navigation path from easy menu you will be able differntiate. PA20-->SAP Menu->Human Resources->Personnel Management->Administration->HR Master Data->Display...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Thanks Anand, More doubt is more technically. I want understand the logical behind the way the system uses to validate what fields it will read in case of a PA20 or PA30 transaction. In a role with...
View ArticleTcode Authorization Requirement - F_FAGL_LDR
Hello, Years ago before I was the SAP Security Admin for my org, an additional authorization requirement was implemented for tcodes - Ledger auth F_FAGL_LDR and F_FAGL_SEG. However, SU24 was never...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Hi When you build role by transaction assigning, system gives you only authorization objects set in configuration as "proposal" (SU24). For PA20 it can be P_ORGIN-AUTHC=R with all other fields empty....
View ArticleSystem asking to change password everytime a user is trying to Login.
Hello, SAP is asking to change password every time the user is trying to login. Checking profile parameter will not make sense as this is happening only to one user. I think the answer lies in USR02...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Hi Pedro, If both the instances of P_ORGIN are assigned in 1 user, then both the set of values will be applicable to both the t-codes. So, you can use one instance, instead of 2. Therefore, you need...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Thanks for the reply Pablan, But in that case, if the system uses both set of values for the same object, how can I have restrictions for PA30 (for example, some infotypes can be modify) and other...
View ArticleRe: System asking to change password everytime a user is trying to Login.
Hi Arya, Have you tried to check if that user has any active session in SM04? If yes, that session needs to be terminated. If it does not work then only workaround is to delete that user and recreate...
View ArticleRe: SAP ECC - Authorizations tcode PA20/PA30
Hi Pedro, Mainly the screen which appears for PA20 is display only and PA30 with maintenance access this is because the functionalities are hard coded in ABAP program. To answer your question, PA20...
View ArticleRe: Tcode Authorization Requirement - F_FAGL_LDR
Hi Ken, I presume you have not performed security upgrade steps in SU25 and hence why you are now trying to find the affected transactions for authorization object F_FAGL_LDR. You can determine the...
View ArticleRe: Best way to control display authorizations to GOS (attachment list) in XK03
Would you mind sharing how you achived it? We have similar requriement where I want to get document level locking in the display mode of the Vendor Thanks,Shruti
View ArticleRe: SAML2 SSO configuration on internet
Hi Tajinder, We have exactly the same issue as yours in that we also access Fiori from the internet with an external name and on the inside network with an internal name. The problem is that when...
View Article