Re: authorization upgrade
just found again: http://wiki.scn.sap.com/wiki/display/Security/Best+Practices+-+How+to+find+TCodes+changed+after+upgrade+regarding+SU24-data which provides also a hint... I can only suggest to...
View ArticleRe: How to encrypt documents in ABAP
Martin Voros wrote: Hi, I think that part of documentation is obsolete. SAP uses this to protect credit card details if stored in SAP. I don't think you need additional product for this but I am not...
View ArticleClik here to view.
Release blocks in MRBR when Purchasing group is Null
We have credit memo invoices that are entered without referencing Purchase order on MIRA/MIRO. When they go to release a block on the invoice it is looking for blank value " " in M_RECH_EKG - Inventory...
View Articlehow to configure SAP logon tickets with Active Directory for SSO
Hello, I'm looking for documentation, preferably a guide with configuration steps that cover the following: - configuring SAP logon tickets for ABAP systems to be used with Active Directory- the goal...
View ArticleUnable to add Security Policy to user id's in SU01 or SU10
Hi Experts, We have a situation where we created Security Policy in two systems (CRM and BW) where as while trying to assign to user id's as a single by using SU01 or Mass by using SU10, We don't see...
View ArticleAutomate assign/remove roles to/from users every month
Hi, We have a request to assign all users to RoleA, RoleB at calendar month end. Then after calendar month end, to remove RoleA, RoleB from all users and assign all users to RoleY, RoleZ. I'm currently...
View ArticleRe: Automate assign/remove roles to/from users every month
Hi You would need to build something custom for this That aside, is there a reason why you need to do this? If this is a common activity I would be questioning the design reasoning and see if there...
View ArticleRe: Automate assign/remove roles to/from users every month
Thanks - thats what I was wonderIng if SM01 transaction locking might be solution or if some function config. When movement types mentioned I immediately thought MIGO and locking that would not help if...
View ArticleRe: Automate assign/remove roles to/from users every month
Hi If you want to schedule (so that it runs automatically), then option (1) works best: you can schedule ABAP programs to run in the background, to be started at a certain time , or after a certain...
View ArticleRe: Automate assign/remove roles to/from users every month
I won't pretend to be a functional expert in logistics or finance, but it seems to me that this is likely a configuration and/or business process issue and not a security issue. I'm pretty sure it is...
View ArticleClik here to view.
EHP7: New feature added in SU25
Dear experts, Can you please help me understanding below two option, appeared when I executed Step 2a in SU25 after our system upgrade from EHP6 to EHP7 and one new Option in SU25, “Expert mode for...
View ArticleClik here to view.
Re: EHP 7 - Recommended Security Approach?
Thanks for the reply !!!When I executed the SU25 2b I got only 6 transaction but I can see lots of transaction are customized by us earlier in SU24? Do you know what went wrong? Also I have selected...
View ArticleRe: Unable to add Security Policy to user id's in SU01 or SU10
Hi Alex, We have various systems as below.. EHP2 FOR SAP CRM 7.0 ---- CRM system ,SECPOL availableSAP NetWeaver AS ABAP 7.31 --- PI System, SECPOL available SAP NetWeaver 7.3 --- BW System, Adding...
View ArticleHow to restrict IQ02 at plant level
Hi All, Currently the t-code IQ02 does not restrict deletion of serial number at plant level.Eg. Site 1 users are able to delete serial number for Site 2 users using IQ02 and vice versa.IQ02 has an...
View ArticleRe: Revoke Teco authorization
Hello Khandokar I suspect your question provides too little information. "Revoke Technical Completion" is a action, in a certain transaction. It may be difficult for "us" as security experts to...
View ArticleRestrict CO02 change order
Hi Experts, Please help us to restrict change order ones it released. user will able to change order before release ones the HOD released the order no one can change the order even he have the CO02...
View ArticleSAP CUA (Central User Administration in ABAP) - migration process failed to...
Hi SAP Gurus, I am looking for logs concerning central user administration (CUA). My problem in short:We had two CUA.We want to migrate them to a single CUA.During the migration process, SAP not all...
View ArticleIs the Goto Statement in Debugging a security risk?
Hi, In debugging ABAP code we have the option to jump to a certain statement via the GOTO STATEMENT from the menu.Is there any security risk in doing this. It is now controlled in the 02 Activity of...
View ArticleRe: Is the Goto Statement in Debugging a security risk?
It is often misunderstood as forward and backward navigation instead of stepping in the debugger and always checked actvt 02 - but in earlier releases was not as obvious to find and did not write a...
View ArticleSTRUST/SM59: Getting Root/Intermediate Cert into HTTPS request
All, We are working with a Vendor of ours, using a web service to communicate some information regarding business transactions. The vendor requires that we use HTTPS Client authentication using a...
View Article