SAP Basis Authorization management: Preparation and follow-up of audits as well as ongoing or selective support

Direkt zum Seiteninhalt
Authorization management: Preparation and follow-up of audits as well as ongoing or selective support
These are your tasks as SAP Basis Administrator:
With the function module SWNC_COLLECTOR_GET_AGGREGATES one can determine the most important SAP Basis transactions. After all, each SAP Basis expert sees different transactions as important.

Tasks such as the update of components, the insertion of security updates or monitoring should be further automated. It is recommended to use only one automation tool (SAP Solution Manager or SAP LVM). Custom solutions and scripts should not be used or replaced with standard tools if possible, because otherwise different script languages and script versions will have to be managed, resulting in a lot of maintenance. Standardised SAP scripts are welcome here. A useful definition of thresholds, for example on the basis of historical system behaviour, must also be defined for monitoring.

Some useful tips about SAP basis can be found on www.sap-corner.de.
Implementation of applications
SAP's client concept enables a SAP system to be split into several logical sub-systems - clients. These subsystems can be used independently and in isolation as separate systems. But how should non-client transactions be treated? How can you prevent one client from accessing the other and why should you want to prevent that? In this blog post, I will answer these questions and discuss some negative examples. Why is it important to consider independent transactions separately? Imagine that every one of your employees is allowed to create or change a client in the production system, or worse, both. Creating and modifying a client in the production system is authorised and documented - you wonder what could possibly go wrong? The risk in this case is a loss of integrity of system and data, loss of confidentiality: With each new client, Superuser SAP* lives up to its comprehensive, cross-client rights and the assigned standard password.

Due to the technology diversity, including in the SAP product portfolio, the support by a single silo unit SAP basis is almost impossible. Likewise, there are many activities that are located for historical reasons in the SAP basis and in parallel in the non-SAP area. In this respect, the separation between SAP and Non-SAP must be examined and, if possible, eliminated by standardisation, integration and centralisation. For example, the issue of output management can be set up in a team that has knowledge in the SAP printing area as well as in the non-SAP printing area and has contact points in the SAP basis. From the SAP basis, tools must be made available to the non-SAP areas to support them in their work in the SAP environment.

Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".

If you want to set the customising changes to customise, you must go to the client control.

The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.


The delivered roles and the profile generator of SAP are used.
Zurück zum Seiteninhalt