Re: Removing roles using SU10
Actually, this is the best solution, you can delete roles as Peeyush described, without need of PRGN_COMPRESS_TIMES program.
View ArticleRe: Removing roles using SU10
Hi , But in the PRGC_COMPRESS_TIMES Program please select the option "Delete Expired Assignments", and I suggest please try for one user and then do for all the other users. When we did for mass users...
View ArticleRe: Periodic Update to Derived roles
Hi Julius Merry Christmas! Referring to your comment: "or take it on the nose that you will have to maintain a few fields locally in the role data." Does this mean the org levels in derived roles...
View ArticleRe: Periodic Update to Derived roles
Hi DB, No. That is not what I meant. If you don't use derived roles then you have the freedom to maintain a few non-org fields in the roles if you do want to make the decision in the role and dont want...
View ArticleSAP HR - How to Give access to expats and Impats PERNR through a structural...
Dear all, I have some difficulties to make a structural profil to give access to employee (P) through Central Person (CP) In our Company, some employees are expatriates to another country.These...
View ArticleRe: In BW 3.5 - Making an Customer Auth Obj and Organizational Item
Hello Julius,First, thank you for your reply. I have returned from Holiday. In reply to your last question, there is no upgrade planned. The current plan is to stay with BW 3.5 until a Global...
View ArticleRe: user validity expiring notification should come while login by user?
Hi, just another hint:Please, check notes 1793961 & 1656965 for automated actions according to the checks like in RSUSR200. Best Regards,Holger
View ArticleWeak SSL Cipher
Hi Security Experts, While running vulnerability scans before deploying new Application servers NW 7.31 ABAP, kernel 401 for windows. we are getting weak ssl cipher supported error with port5$$14 SAP...
View ArticleRe: Weak SSL Cipher
I'm not sure how you could set the ciphersuite for sapstartsrv. You can disable the HTTPS port by following instructions given in SAP note 1036107.
View ArticleRe: Weak SSL Cipher
Since the SAP instance specific sapstartsrv is using the instance profile you could try to set ssl/ciphersuites according to SAP note 510007 and see if it helps.
View ArticleRe: In BW 3.5 - Making an Customer Auth Obj and Organizational Item
Hi Rich, Based on your latest reply, Please try to create a new customized authorization object by using t code RSSM instead of using SU21. Here Salesorg field is by default Organizational field. Steps...
View ArticleRe: Weak SSL Cipher
Thank you, I will add the parameter and see if that fixes this problem. looking at the details of the parameter, my worry is if this will break something which is working. I believe this parameter...
View ArticleRe: Weak SSL Cipher
Yes that parameter will affect ICM services as well. Apart from testing the impact, I have no other recommendations.
View ArticleRe: Weak SSL Cipher
Yogesh-Follow this SAP note: 510007 - Setting up SSL on Web Application Server ABAPand set appropriate values for ssl/ciphersuites and ssl/client_ciphersuites. While setting these params make sure you...
View ArticleRe: Weak SSL Cipher
Thank you for this information. After analyzing the parameters, I am worried it will generate a whole lot of work. Adding cipher control on the SSL communication. We have over 20+ production SAP and...
View ArticleRe: Weak SSL Cipher
Login to the HTTP port (5xx13) of your SAP MC using a browser. A Java applet is launched and that is why you need to have a working Java runtime. In the Java applet select menu entry Tools ->...
View ArticleRe: Weak SSL Cipher
Correct, you can even delete the indicator from tools--> settings. Also, refer to 1439348 - Extended security settings for sapstartsrv :"Restrict network access Another option is to restrict the...
View ArticleRe: Weak SSL Cipher
That checkbox is already disabled when I connect via http. I connect via https and disable it but the access point is still there. I stopped and restarted the SAP service but same result. I guess what...
View ArticleRe: Weak SSL Cipher
Hi Yogesh, your original issue was that SSL was allowing some weak cipher suits to be used for connection. For example you really do not want to use suites that use 3DES. This is a common issue and you...
View ArticleRe: PFCG restriction: how to restrict security team from self assignment of...
Vijay, You can do it. Put the Security team in one user group and then restrict them under object S_USER_GRP and S_USER_AGR / S_USER_PRO (if required) but the assignment values 22, 78 like that.. Hope...
View Article