SAP Basis Service
Tasks and activities
The SAP Identity Management System (IdM) enables centralised user and permission management in a heterogeneous system landscape. By using an IdMSsystem, manual processes can be replaced by automated workflows that are mapped and administered centrally. Examples of scenarios: 1) User and Authorisation Management 2) ESS/MSS for the management of personnel data 3) Audit and monitoring for the verification of compliance with legal regulations What should be taken into account, however, if you want to introduce an Identity Management System? In this contribution, I would like to highlight fundamental points that need to be clarified before the introduction.
The consistent implementation of the role concept enables a manageable complexity of the tasks per employee. At the same time, through the respective SMEs, the concept creates expertise in specific topics and enables communication on an equal footing with upstream or downstream IT departments as well as with external service providers. The establishment of technology architects also ensures that the overall picture is not left out of sight in the context of the SAP product portfolio. Deficits can also be addressed on issues such as policies and security. Overall, the role concept provides guidance for the employees and their career planning as well as guidance regarding the range of tasks and contacts for IT departments and business areas.
Restore systems + DB
With the growth of the company also came extensions and the need for a whole SAP Basis team. Basically, it is a condition that occurs sooner or later in any organization that maintains SAP systems.
So-called Access Control Lists (ACL) offer a good possibility to secure your gateway in order to exclude unwanted external accesses to the database of the application server. With the help of the ACL files reginfo and secinfo an access control can be implemented, in which allowed as well as forbidden communication partners can be defined. The reginfo file controls the registration of external programs on the gateway, which means that rules can be defined that allow or prohibit programs. With the help of the file secinfo you can define which users are allowed to start an external program. To be able to use these files, you must set the parameters gw/reg_info and gw/sec_info (transaction RZ11). For more information, refer to SAP Note 1408081.
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
STEP 5: POSITIONING This step will position the service on the market and also position the competitors in the relevant segment.
This person ensures the trouble-free operation of the SAP system.