Re: How to restrict a user to a specific development class in BW
Why don't you want them to tie to the $TMP package. It is actually better to tie to the $TMP package and then after your development review and sign off for promotion to BWQ, you can assign them to...
View ArticleRe: P_ABAP not skipping the authorization check
Hi, The P_ABAP object works with programs, in the transaction you mention, the program getting the final result is not the same as the one behing the transaction for the AdHoc query... The programs for...
View ArticleImposing authority check
Hi Experts I want to impose an authorization check in AUT10 so that user should see all the changes particularly relevant for one plant.Can I do so? RegardsSoumick
View ArticleRe: Imposing authority check
Hi, The answer is invariably yes but the ease of achieving it will vary. From what I can see of AUT10 it would be complex to implement as there would have to be customising which looks into the...
View ArticleSAP standard roles for Mii inside of objects?
Hi, It is our practice to rename SAP standard roles we plan to use "as is" to our company's naming convention. I am being told by an Mii implementer that Mii uses the standard role names in objects...
View ArticleClik here to view.
Ecc6 SU01 - Role Display (Icon)
We've just started testing Ecc6 system (we are upgrading). When displaying our existing roles for a user in SU01 we see some have missing icons for single role. The display in SUIM (Roles by complex...
View ArticleRe: Ecc6 SU01 - Role Display (Icon)
Hi Richard, Do you have any idea, Which SP it is ? Question for your :- did you mapped this role under any of the composite role ? if yes, then this would be the latest option with new SP hopefully....
View ArticleRe: P_ABAP not skipping the authorization check
Hi Jonathan, Thanks for replying to this message. I agree with all your points and also I see the same results when I execute the different methods. However, using the Adhoc query related t-code...
View ArticleRe: Imposing authority check
Hi, check BADI badi_aut_archive.From quick look at source code you sould be able to use this BADI to implement custom authorization check and filter out records. The only worrying part is that I can't...
View ArticleWhat tables contain transaction code usage?
Customer does not have GRC installed, and does not have security auditing turned on. They want to create a report that allows them to select transaction code usage for a specific tcode or wildcard...
View ArticleRe: What tables contain transaction code usage?
Hi Alfred GRC usage reads information from STAD/STAT, CDHDR/CDPOS tables, SM19 and SM49 You would need to somehow read that information and look at the related function modules. RegardsColleen
View ArticleRe: SAP, OpenSSL, and Heartbleed
Hi Julius, I think you are confused here what OpenSSL is. This issue has nothing directly related to CAs except that if you decide to re-issue your certs then you need to contact your CA. OpenSSL is a...
View ArticleRe: SAP, OpenSSL, and Heartbleed
SAP employee discovered that bug. I would not call that "causing the issue" :-) Cheers
View ArticleRe: User XYZ has no authorization for tp command IMPORT
Do they have sufficient authorization in target system? Cheers
View ArticleRe: SAP, OpenSSL, and Heartbleed
Thanks, Martin. Yes, this was precisely my question. I have seen some mention of OpenSSL being credited as one of many third-party products used in ADS, though it wasn't clear in what fashion (since...
View ArticleRe: SAP, OpenSSL, and Heartbleed
The resultant trouble was caused by something discovered by a SAP engineer, not the problem itself caused by SAP. That is what I meant. Cheers,Julius
View ArticleRe: SAP, OpenSSL, and Heartbleed
I would not rely on lack of chatter here. SAP world is special. Sadly, it's still common to think that SAP security == authorization. But it's getting better. People started asking questions about weak...
View ArticleRe: SAP, OpenSSL, and Heartbleed
Just an update. I found this Test your server for Heartbleed (CVE-2014-0160) . I did execute it against external facing portal that has SAP web dispatcher in front of it. It says that the system is not...
View ArticleRe: SAP, OpenSSL, and Heartbleed
I am not aware that SAP has any imbedding of openSSL for ADS. Actually I can hardly imagine that because it is an internal server. I have only ever encountered openSSL for (internal) POCs. Lets wait...
View Article