SAP Basis SCU3 Evaluation of logged customizing objects and tables - SAP Basis

Direkt zum Seiteninhalt
SCU3 Evaluation of logged customizing objects and tables
Since jobs and backups should run at set times for organizational or technical reasons, automating them is a good idea. In simple, clear system environments, many SAP Basis administrators help themselves with SAP CPS (Central Process Scheduling) and simple ABAP batch jobs that start operations or other jobs. Since the desires and the system environments usually grow continuously, this approach becomes complex and confusing over time and troubleshooting often becomes difficult. As a result, maintainability often falls by the wayside and error-proneness can increase. If different jobs are strung together to form chains, further problems arise.

As an interface to the user, the presentation layer contains software components (the SAP GUI) by means of which the user is presented with the application. During its runtime, an SAP GUI component is always permanently linked to a user logon to the NetWeaver AS ABAP.
SAP Security Audit & Monitoring
Project successes should also be documented and circulated as success stories of the SAP basis or made available to the SAP basis stakeholders to highlight the importance of the SAP basis. These success stories can be shared from the grassroots or from the outside, for example. Examples include CIO communications or project reports. BENEFITS & CONSEQUENCES The added value of the implementation of the recommendations described above lies in the guaranteed operational stability and operational safety. In addition, a company and in particular an IT organisation with a strong SAP basis receives a competent and sustainable partner for SAP topics and technologies, who is always looking at the SAP picture in general. Furthermore, all business and IT departments are aware of the role and the scope of the SAP basis. This means that you can contact them as the right person in good time. There is a lower risk that certain areas may develop shadow IT related to SAP topics and technologies due to lack of transparency.

For the authorisation requirement of a user, the transactions with user assignment already awarded should be determined accordingly, in order to be able to exclude them when selecting a suitable role. How does this work? There are various ways to identify specific user-assigned transactions, with varying degrees of result. The following article presents two variants. The first section first describes how to use SUIM to address the problem and what problems are encountered. It then explains how the task can be solved by using the transaction SE16N. As in the previous blog post Identifying all transactions of multiple roles, the roles Test_Schmidt1 and Test_Schmidt2 are used for this. Two of the transactions MM01, MM02, MM03 and MM04 were assigned to these roles in different ways. In the Test_Schmidt1 role, the transactions MM01 and MM02 were entered in the Role menu. In the Test_Schmidt2 role, the transaction MM03 was maintained in the menu of the role, but the transaction MM04 was maintained only in the S_TCODE permission object of the role. Both roles have been assigned to the user SCHMIDT_TEST. Identification of certain transactions with user assignment using SUIM This option is useful if only one transaction is to be checked for its existing assignment to a particular user. The audit is carried out here by means of the transaction SUIM. For this purpose, the variant "Roles according to complex selection criteria" has to be executed in the SUIM. After activating the option "With valid assignment of", the corresponding user and the transaction to be checked will be entered here. It is also recommended to hide the display of the collection roles in the search results.

Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".

Benefits 1) Hardly measurable Performance Impact 2) Central collection of data of all systems in the SAP Solution Manager's BW 3) No complex setup 4) Once activated, the collector and extractor jobs run regularly and without further manual activities Possible usage scenario If you have Solution Manager 7.2 in use, you can use UPL within the framework of "Custom Code Lifecycle Management" (in German: management of customer developments).

As a user of the group, you cannot see tabs either.
Zurück zum Seiteninhalt