Re: Is there a easy way of combining the data from multiple EarlyWatch Alert...
To follow up with that, have a look here: https://service.sap.com/changecontrol
View ArticleSU25 - Maintenance not allowed in this client after Upgrade
Hello, in development system I did after Upgrade from 4.7 to ECC 6.0 the steps in SU25. I now try to repeat these steps in productive system. If I start transaction SU25 I get following error...
View ArticleRe: SU25 - Maintenance not allowed in this client after Upgrade
You must transport to production via step 3. Then the irritating popup in pfcg will go away. No su25 steps should be run in production.. Cheers,Julius
View ArticleRe: SU25 - Maintenance not allowed in this client after Upgrade
Hello Julius, thank you for your fast answer. In PFCG on productive system there is no popup.In development system there were no changes in step 2a, manual adjustment of proposals was not necessary. So...
View ArticleRestrict Table Access to HR Table
Hi Gurus, I'm aware there are a few tcodes which are used to access tables information such as: SE16, SE16N, SE11, SM30, etc. I think there could be a couple more. Due to security issue, wIll it be...
View ArticleRe: SU25 - Maintenance not allowed in this client after Upgrade
Yes, you must always transport. The main reason is keeping SU24 intact for no-check indicators and preventing maintenance outside of the system where the roles are built. These no-check flags affect...
View ArticleRe: Activity BD in auth. obj s_tabu_dis
Hi, Security Techies, When i try to create a role using authorization object, I found the activities 02-change, 03- display and BD in s_tabu_dis. The found its description as Maintain object in...
View ArticleRe: how to search authorization objects by field?
A check which is incorrect (e.g. too strict) is however also not correct. I like your idea is scanning USOBT_C. There you can often find a comparable transaction which does the same or similar as what...
View ArticleRe: SU25 - Maintenance not allowed in this client after Upgrade
Hello Julius, thank you very much for your support - as you adviced I transported the no-check flags into productive system, so SU25 is clean :-) Best Regards,Julia
View ArticleRe: SAP GRC Access Control 10
Hi Abhishek, Take help of someone who has installed it in lab/production environment. A friend of mine spent a lot of time setting it up but had lot of issues, then he consulted with someone who was...
View ArticleRe: Is there a easy way of combining the data from multiple EarlyWatch Alert...
@Billy and Julius, Thanks for your prompt replies.Security Configuration Validation has a pre-requisite of a 'model' baseline system against which the configuration will be checked. In order to build...
View ArticleSecure by Business area in SD documents
Hello,We are using in FI, Business area, and now we are required to secure some SD transaction by Business Area : VF01, VF02, VF04, VFX3, VF06, VF11. I have seen that maybe it's possible top populate...
View ArticleRe: Is there a easy way of combining the data from multiple EarlyWatch Alert...
I see EWA as a way for Basis leads to keep up on weekly stats for their systems; to meet your requirement I believe you are going to have to setup the validation in your solman. IMHO SAP does this due...
View ArticleUser details are not being copied when we copy a user
Hi, all, Good day! We would like to request your advice on the following. Whenever we try to create a new user from an existing one, we find that the user type isn't copied from the original user. The...
View ArticleClik here to view.
User lock in LDAP: unclear UME error message
Hi all, After reading through several sap notes and help pages, I thought I might get some help from the community SetupSAP portal (based on Netweaver 7.01 SP7)Active directory has been configured as...
View ArticleMass authorization maintenance in JAVA
Hello all,System is JAVA-only landscape (e.g. ESR). Identity management is configured to use LDAP (data source = Microsoft ADS Read-Only (Flat Hierarchy) + Database).There will be around 300 users...
View ArticleRe: Mass authorization maintenance in JAVA
Would you rather be able to define the UME role through Active directory and just have your Java stack look for that item and reduce the admin work in the Java system?...
View ArticleRe: Activity BD in auth. obj s_tabu_dis
Using S_TABU_DIS authorization object we can restrict access to data in table entries defined in this object. User who wants to access the data has authorization for transaction SE16 (and therefore for...
View ArticleRe: User details are not being copied when we copy a user
Hi Jonathan that's really odd... Do you user CUA? What happens to field user type if you create a new user? Can you paste a screenshot with the example blank?Do you have any errors in sm21 when you...
View ArticleRe: User lock in LDAP: unclear UME error message
I think you would have to customize this, by querying LDAP for the status of the account (I think its a binary value) and then display a different error message. Some food for thought, is it possible...
View Article