Analysis
Migration of your SAP system
In order for the stored business logic of an application to be executed correctly, the executing user must also have the necessary permission objects in the flow logic of the OData services in his role. If Authority Checks are performed here, e.g. to query or change data on the backend server, the corresponding role must be authorised. These permissions are expressed in a role by permission objects, as in any ABAP report. If you follow these steps, your Launchpad users should have the Fiori permissions necessary to launch the launchpad, view all relevant tiles, and run the specific apps with their business logic.
In order to ensure the necessary expertise both in the direction of application and application-related IT departments as well as in the direction of infrastructure units, the SAP basis should be divided into an infrastructure-related SAP basis and an application-orientated SAP basis. The infrastructure-based SAP basis acts as a contact level and point of contact for IT departments such as virtualisation, storage management and databases. The application-orientated SAP basis serves as the contact and coordination level for application-related topics. BUILDING OVERARCHING EXPERT TEAMS WITH SAP basis INVOLVEMENT To reduce organisational friction points as well as to optimally handle selected topics, it is recommended to set up expert teams with the participation of the SAP basis. These teams of experts can be virtually organised and therefore of temporary duration and consist of participants from all relevant IT disciplines or business areas. If the topic of the virtual group of experts is the focus of the SAP basis, the SAP basis will take over the management and control of the expert team.
The website www.sap-corner.de offers many useful information about SAP basis.
Active monitoring
Practical experience at home and abroad has given us a proven view of heterogeneous system landscapes. This flows into our consulting as a further plus point and creates not only smooth functionality but also cost efficiency of your individual system landscape.
Either temporary programme calls are blocked that are actually desired or enormously large gateway logs must be analysed. If, due to the heavy workload, one were to decide to forgo the use of the access control lists permanently, this would be a major security vulnerability. The unprotected system does not have any limitations on the external services that may register, and there are no rules for running programmes. One possible consequence would be, for example, the registration of an external system on which malicious programmes exist. At the moment when foreign programmes are running on your system without any control, you can expect that great damage will be done. For example, it ranges from an unnoticed reading of purchase and sales figures, a diversion of funds, to a paralysis or manipulation of the entire system. In addition, this scenario is also possible for poorly maintained access control lists. Our solution: secinfo and reginfo Generator for SAP RFC Gateway To solve the problem, we have developed a generator that can automatically create secinfo and reginfo files based on gateway logs. The basic idea is based on the logging-based approach. It performs the task of time-consuming analysis of log files and also ensures maximum reliability through automation. Nevertheless, the entries of the generated files should be checked by one person. Since the log files used as input are sensitive data, of course none of the inserted data leave your system. More information about the generator can be found here.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
Half of the puzzle piece consists of information about the coin set, time and public address of the sender or receiver.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
Fiori Permission to call the OData service on the backend server Now go to the role maintenance in the PFCG on the backend server.