Re: User Comparision Showing Red inspite of running PFUD
Then it might either be a UI problem (there were some a while back it it has quitened down now already) or someone ran Su25 steps directly in production? (Su25 should always be transported - but there...
View ArticleRe: Java Security Warning
I already installed the self signed certificate in the Trusted Root CA on Citrix servers( i connect to sap system through citrix) but this fixed another warning pop up window that i had before this one.
View ArticleRe: Java Security Warning
This is a standard JAVA security warning for unsigned applets and not related to the certificate set up at all. The changes have been introduced by Oracle with Java 7 update 21. According to OracleThe...
View ArticleStructural Authorizations Time Administrator Assignment
Hi I would like to know some information around Structural Authorizations where there will be couple back end reports that we will push out toMSS that will require structural authorizations. The...
View ArticleIssue in SAP Security PFCG Merge option
Hi All, I am facing an issue with " Read old Data and merge with new Data option " in PFCG. The issue is described below. I have created a Role in which i added a t-code SU01 and this t code has got...
View ArticleHow to skip authority check tcode XK01, XK02
Hi guys,I'm facing a issue related to authority check tcode as bellow, please let me a suggestion: Requirement from my customer:One user haven't authority on tcode XK01, XK02 but can update data...
View ArticleRe: Problem in Optimising the use of K_PCA for Profit Center Restriction
Hi Harsha, This is common and a very important step when designing Security on transactions.In your scenarion it looks like t-code F-02 is talking to FB50 t-code in the backround due to which it takes...
View ArticleRe: VF03 and K_PCA no authorisation. Trace file return code = 4
Hi Kevin, can you debug & set a breakpoint at the auth check and see what is happening after the check has failed? It sounds like the subsequent logic after the check isn't doing what it should...
View ArticleRe: Problem in Optimising the use of K_PCA for Profit Center Restriction
Hi, this is standard behaviour. The transactions share K_PCA so the auths will be available to any transaction that requires them. If you need to segregate them (and arguably if you are performing...
View ArticleRe: Auth on MR21 per plant
I checked there is no auth. object for MR21 , the auth. object earlier given by me is only way by which u can give plant authority
View ArticleRe: Auth on MR21 per plant
Okay, let us move this discussion to the security forum, there are the experts for authorization issues
View ArticleUD not possible, But the UD change field is updated which should not happen
Hi Experts, Could you please help on the below query. As per the business we have restricted UD creation(Through transaction QA11)access in a role. We have restricted field value L in the authorization...
View ArticleRe: VF03 and K_PCA no authorisation. Trace file return code = 4
Hi Alex The code passes the value RC=4 in the BreakPoint Below. After this it will loop again and then display the Billing Document. There appears to be nothing in the code to "Stop the execution Endif...
View ArticleRe: VF03 and K_PCA no authorisation. Trace file return code = 4
Sounds like a nifty bit of coding. Good luck!Cheers
View ArticleRe: User Comparision Showing Red inspite of running PFUD
Alex , Hi ! No we are not using derived roles but only composites containing menu +data (individual +analysis ) + reporting roles. Reg ,Anthony
View ArticleIdentify Which External Applications are Calling Your RFCs
Question: Using RFC Web Services, how can remote calls to these RFCs be engineered in such a way as to be able to identify the calling server AND application name? What are the prerequisites for doing...
View ArticleRe: Identify Which External Applications are Calling Your RFCs
The trick is to use BAPIs with stable interfaces, then you dont have this problem. Of course you might also create RFC wrappers for the BAPIs and create a webservice for the wrapper. If more than one...
View ArticleRe: Is there a easy way of combining the data from multiple EarlyWatch Alert...
Yes, It is called "Security Configuration Validation". There is a whole wiki on it. But it is something you need to set up. Comparable to a small project (there is an inst guide, but no inst wizard)....
View ArticleRe: User Comparision Showing Red inspite of running PFUD
What do the upgrade set look like in DEV? Back then, running step 2A turned every thing red which was affect and only clears when you use the merge function (step 2c). If you complete the upgrade in...
View ArticleRe: How to skip authority check tcode XK01, XK02
There is a difference between processing a BDC recording and running a custom program which makes BDC calls to process screen (which might not make any checks) and then CALL TRANSACTION to commit the...
View Article