Configuration as well as maintenance, upgrades and backup & recovery
SAP Portal
A BW system often plays a very central role in larger companies. Here the data from the various connected source systems are analysed and reported centrally. A previous customer of mine had a BW system, to which a total of over 20 other SAPP production systems were connected. With such a large and mostly living system landscape, it is normal that individual systems are dismantled from time to time. However, especially with large SAP landscapes, there are strict regulations regarding the permissions of technical RFC users. For this reason, the simple "right-click —> delete" of a source system in RSA1 will often not lead to the target, but rather to a failed permission check. With this blog post, I'll show you a workaround on how to clean a source system from a BW system using the RSAR_LOGICAL_SYSTEM_DELETE and RSAP_BIW_DISCONNECT function blocks.
Remove weak password hashes from the system: Only updating the profile parameter does not provide you with the necessary security. There are still many weak hash values in your database that can be used to attack your system. These must be completely removed from the database. To do this, use the report CLEANUP_PASSWORD_HASH_VALUES. To do this, call the transaction SA38 and enter the name of the report in the input field. Run or F8 executes the programme and cleans your database Report CLEANUP_PASSWORD_HASH_VALUES This programme removes the outdated hash values across all clients. Have you already experienced this attack method or any other comments on this topic? Share your experiences with us in the form of a comment under this article.
Solution: Performing a user comparison
SAP administrators can basically be found wherever SAP systems are used. These are now numerous industries and departments of companies. SAP systems can be found in accounting, costing, activity-based costing and controlling. In all these areas, they take care of the smooth functioning and development, thus helping the company to make internal processes more efficient and consequently save costs and resources.
It is therefore not unusual for the authorisation allocations to be regularly reviewed in the course of a revision or by external auditors. This is a very laborious process with SAPS standard tools. In this scenario, an authorisation administrator would first have to manually assign each employee to a specific manager and determine their roles. After that, these roles should be exported from the system (for example, to an Excel file) and then submitted to the supervisor so that he can decide whether the role assignment is appropriate or not.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
You can always check with Status to see in which step and for what reason the abortion took place.
On www.sap-corner.de you will also find useful information about SAP basis.
The person responsible ensures smooth operation of the system.