SAP Basis Management
Solution: Performing a user comparison
THE SAP basis AS AN OPPORTUNITY ALMOST EVERY INNOVATION IN THE COMPANY HAS A TECHNICAL FOOTPRINT IN THE BACKEND, WHICH MOSTLY REPRESENTS AN SAP SYSTEM. HERE, THE SAP basis CAN HELP CREATE AN ADDED VALUE FOR THE COMPANY. EARLY INVOLVEMENT IN THE PROJECT IS ESSENTIAL.
In addition to the optimisation potential of Security Automation, which I explained in more detail in my last post, the E-Learning division also offers numerous possibilities for automation. Since many companies are not yet making the most of these potentials due to a lack of knowledge about this particular form of knowledge transfer, I would like to address this in the following post. E-learning is also a form of automation that, if used correctly, brings many positive aspects. In the end, e-learning is a way to store know-how in a form that can be retrieved again and again. This means, of course, a certain initial effort for the creator, which nevertheless pays off more than if the quality is sufficient. What are the opportunities for a company to take advantage of e-learning? A company has several ways in which it can exploit and use the area of e-learning for itself. The fundamental question that should arise immediately after the decision to do so is whether the company creates the content itself or whether it relies on the content from external sources. Both have advantages and disadvantages, which I would like to explain in the following.
INITIATE PILOT AND RESEARCH PROJECTS
If you want to evaluate for which tables a logging takes place, the table DD09L is suitable for this. The column "Log" shows you for which tables changes are logged.
In this article on SAP Security Automation I would like to take a look at the future of automated processes in the SAP Security area. For many companies, the topic of security automation still offers a lot of potential in terms of time savings and process optimisation. Our daily work environment offers numerous tasks that could be handled excellently automatically. For this reason, in this article I present two of the possibilities that already exist in the broad area of security automation. Security Automation via SAP Security Check The first option of Security Automation, which I want to introduce here, is the automatic verification of the existing permissions. Have you ever wondered who has critical permissions in your SAP system? And have you ever tried to do this by hand? Depending on the level of expertise and experience of the privilege administrator, this is a time-consuming work. If an audit is also announced and the SAP system is to be checked for critical permissions and segregation of duties, then it is very difficult to meet all requirements and secure the eligibility landscape in this respect. For this reason, various vendors provide solutions to automate the verification of the permission system with regard to critical permissions and segregation of duties using tool support. This allows permission administrators to use their valuable time to correct the errors rather than just looking for them. For example, we use a tool that runs through the verification of over 250 rules. We then get an evaluation of which rules are violated and which points are correct. A simple example of such rules is the use of the SAP_ALL profile. Another would be to grant the jump permission in debugging (S_DEVELOP permission object with the ACTVT = 02 field). These are two relatively simple examples of Security Check tools' rulebook. In addition, queries are also made, which are located in the field of Segregation of Duties. Using this tool allowed us to move from manual validation of critical permissions to an automatic process.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Note 2408073 has a file extension of "sar" and will first be unpacked with SAPCAR.
This includes the hotfixes after the patches, which are necessarily installed after the patches.