SAP Basis Implementation of your user and security management - SAP Corner

Direkt zum Seiteninhalt
Implementation of your user and security management
The tasks of an SAP Basis administrator are management and administration of SAP systems. In practice, it means taking responsibility for the maintenance environment of the systems, their cooperation, updating, solving user problems and efficiency issues (concerning the network, databases or operating systems), backup copies and architecture. Another task of this position is also to follow new market trends and propose compliant solutions with them.

Since jobs and backups should run at set times for organizational or technical reasons, automating them is a good idea. In simple, clear system environments, many SAP Basis administrators help themselves with SAP CPS (Central Process Scheduling) and simple ABAP batch jobs that start operations or other jobs. Since the desires and the system environments usually grow continuously, this approach becomes complex and confusing over time and troubleshooting often becomes difficult. As a result, maintainability often falls by the wayside and error-proneness can increase. If different jobs are strung together to form chains, further problems arise.
This makes the technical user the dialogue user and a login in the SAP system is unrestricted. So Johannes logs in with the known password of the RFC user in the production system. Thanks to very extensive permissions, it now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user Johannes starts with the technical compromise of the production system... RFC Security: All invented - or everyday threat? Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by pro-activity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you 100% rule out that not now in this moment an SAP user with a false identity infiltrates your production systems? Change now: It's about pro activity! But before you start now and start looking for the "identity converter" (which I really do not recommend!), I suggest that you take root of evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you: 1) Our e-book about SAP RFC interfaces 2) Clean up our free webinar about RFC interfaces 3) Blog post about our approach to optimising RFC interfaces As always, I look forward to your feedback and comments directly below these lines!

The basic SAP Basis operation includes the operational readiness of the SAP system, management of system changeability, configuration and administration of system profiles, analysis of system failures, operation and monitoring of technical interfaces, scheduling and monitoring of SAP standard jobs, and much more. The optional services as an extension include activities whose implementation and frequency depends on the existing system environment and which can be optionally booked (client copies, implementation of client transports and homogeneous/heterogeneous system copies, etc.). These include performing release upgrades, installing enhancement packages, adapting new printer types, device drivers or character sets, and much more.

"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.

This effect made it impossible to establish a trustworthy, decentralised digital currency by 2008.

SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page:

Security and Documentation In a centralised user administration, users can be locked down efficiently on all systems or access rights can be changed.
SAP Corner
Zurück zum Seiteninhalt