TABLE LOGGING AND TABLE PROTECTION
SAP LSMW
It should be mentioned here that it only makes sense to access the tables by reading the SELECT statement to get a quick view of the results. Using the DBACOCKPIT, it is not possible to create entire table structures using Create Table. For such applications, SAP provides other, better options. Another important point is that once a user has the necessary permissions to use the transaction DBACOCKPIT, it can potentially (with appropriate permissions on the tables) access the entire SAP system. For example, a query can be used to read the entire user table. Therefore, the transaction should always be treated with caution and only awarded to administrators. DBACOCKPIT handles the call control permissions similar to the SE16 / SE16N transaction. When the table is called, the S_TABU_DIS or S_TABU_NAM permission object is checked with a specific activity. This means that only the tables or table permission groups for which the corresponding values in the aforementioned permission objects are assigned can be accessed. You can read more about assigning permissions to individual tables here. In addition, you can save SQL statements that you run once, and run them again at any time to recognise changes in the result set without having to reformulate the SQL statement each time. The editor also allows you to start the query for SQL statements in the background. The result is obtained by calling the transaction SM37, in which the result is output in a spool file.
If you get a tp-step in the cancel message, it is a transport order-independent step whose logs cannot be displayed with logs. In this case, analyse the following files: tp-Step 6: P tp-Step N: N tp-Step S: DS All protocols are located in /usr/sap/trans/log.
Application of SNOTE and elimination of errors
Tasks such as the update of components, the insertion of security updates or monitoring should be further automated. It is recommended to use only one automation tool (SAP Solution Manager or SAP LVM). Custom solutions and scripts should not be used or replaced with standard tools if possible, because otherwise different script languages and script versions will have to be managed, resulting in a lot of maintenance. Standardised SAP scripts are welcome here. A useful definition of thresholds, for example on the basis of historical system behaviour, must also be defined for monitoring.
As a hint: The menu tab "Jump" allows you to set all namespaces or software components simultaneously to "modifiable" or "non-modifiable". However, before you can rearrange the namespace and software components, you must also adjust the global setting accordingly. With Save or CTRL+S you can now save your new settings and you have already set the system modifiability.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
Manual identification of critical SAP permissions is difficult overall.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
Basic services, for example, can also be rented from SAP or obtained from an external service provider as part of managed services.