SAP User Enumeration
Hi All, Recently there was an SAP audit conducted in our landscape and SAP found as below (SAP User Enumeration (High Risk)) "During our testing and enumeration we managed to extract a list of SAP...
View ArticleRe: Authorization issue while executing a Web Template in SAP BI
Which infoobjects are used? it is not so clear so hard to understand. I suggest you check the buffering of authorizations in RSECADMIN which shows how authorizations are combined, this might help explain.
View ArticleSwitching BW authorization concept back and forth on the fly
After upgrading to BW 7.0, we are currently developing the BW authorizations from scratch with the new analytical authorizations. The system is currently set to the legacy RSR authorization objects....
View ArticleUsage of SU22 for "Addons"
Hi, we have developed an addon module on our SAP dev system which is distributed to various customers. According to note http://service.sap.com/sap/support/notes/1539556 Point 5 I have maintained...
View ArticleRe: Usage of SU22 for "Addons"
We experienced exactly the same: The USOB_SM entries are missing in the download file as well as the modifier date stamp, so we decided to desert it. - If there is no need nor intention for customers...
View ArticleRe: Usage of SU22 for "Addons"
Just found this note: http://service.sap.com/sap/support/notes/1566306 I think that could be the solution.I'll try to import the note correction into our system tomorrow and make another download.I'll...
View ArticleRe: Usage of SU22 for "Addons"
Note that there are two related notes in that set of corrections and you will need to correct the data maintained before the correction as well. I went the (safer) SU24 and transport route. If someone...
View ArticleRe: How to Find SAP Security Note from NCICC Vulnerability?
Hi, Click on the link provided by NIST and it takes you to the advisory on the Onapsis website. Register and download the advisory and it includes the note + relevant info (1773651). You won't get...
View ArticleRe: How to Find SAP Security Note from NCICC Vulnerability?
Just incase: you should only download code sources from SAP via Service Market Place, not via transports or external files. It is also best to use the SOLMAN system recommendations for SAP related...
View ArticleRe: Called transaction (authorisation default) lost when breaking parent link
It works OK in my 4.7 & 702 systems too.
View ArticleRe: Change of user Id names in production server
Can we change Last name and first name of user id Is it okay to change last name and first name For that he is saying auditing issues it seems like funny
View ArticleRe: Change of user Id names in production server
When you don't change the user id, everything should be fine - in the logs, only user id is saved.
View ArticleRe: Change of user Id names in production server
Hi Priya, It should not be a big issue if you are making some minor changes.. Usually not people change there Id details. I haven't seen auditors asking munch information with regards to changes on id....
View ArticleRe: Called transaction (authorisation default) lost when breaking parent link
Hi Julius The test role was freshly created via PFCG and the called tcode chosen was FB03. I'll go back to our tame Stig and get him on the case to check for any notes. Best wishesDavid
View ArticleRe: Change of user Id names in production server
HI Priya, You can change your user id name ..with the help of su01 t-code su01 there is rename option .. but you will have to change your password. New user id will have all change documents of...
View ArticleRe: Implementing SAP password rules in Active Directory?
Just to be sure: the reason why this approach is a good idea is because SSO typically does not fail and if it does then not for long. You do not need to disturb the peace and tranquillity of...
View ArticleRe: Implementing SAP password rules in Active Directory?
Hi, There are many ways to implement SSO for applications which are web based. It seems the main reason for your project sponsors concern is that you have a single point of failure. Generally I find it...
View ArticleRe: Implementing SAP password rules in Active Directory?
Good point. If the whole network does down then you need a plan B. But if the user can still reach the login screen / negotiation, then it is a good idea to have a plan B available to cover the time...
View ArticleRe: Password Deactivated for a Dialog user
I discussed this with some SAP internal gurus and you should open a customer message. Cheers,Julius
View ArticleRe: Use of active directory userid/password authentication instead of SAP R/3...
NWSSO has a Windows only implementation for classic GUI, see the application help and this discussion thread for details.
View Article