Operations
Backup concept for the Azure or AWS cloud
Do you want to allow an employee access to exactly one view maintenance dialogue, but he should not be able to search for other care views in the SM30? This can be done easily with a parameter transaction. Learn how to create such a transaction step by step here. To create a parameter transaction, navigate to the SE93 first. Here you can create all types of transactions. The following dialogue will open: After pressing the "Create" button, a popup will open, on which you select the radio button "Transaction with parameters (parameter transaction)". In addition, type a short description as usual and confirm. The following dialogue will open: The transaction code must be specified here first. If you want to skip the entry dialogue when invoking the parameter transaction, and there is no way to open tables other than the one you want, make sure to select "Skip Entry Image". Furthermore, the GUI properties of the SM30 should be inherited so that the parameter transaction can be started with the same software. Configuration of the parameters In the lower part of the dialogue you will find a table ready for input. Here you can use the search help (F4).
Through a sound expertise in the SAP technology environment, it is recommended to bring the know-how of the SAP basis into the IT strategy and IT roadmap. For this, the responsibility lies primarily with the CIO as the carrier and responsible of the IT strategy and the IT organisation. Likewise, the SAP basis should serve as a sparring partner for individuals and boards (such as enterprise architects) that significantly influence the strategy.
SAP systems also need to be maintained
Especially in larger companies, which also have multiple locations in different countries, it is often necessary to grant different employees the same permissions for different levels of organisation, such as accounting circles. In order to make maintenance and maintenance of the system easy in such a situation, it is useful to set the inheritance principle for SAP permissions. How does SAP Permissions Inheritance work? An inheritance is always about a master object passing certain properties to a derived (sub) object. Therefore, these properties do not need to be maintained several times. Also, changes to the master object are passed directly to the derived objects. This allows easier maintenance and drastically minimises the error rate. In the case of SAP Permission Inheritance, the required permissions are bundled in a Upper or Master role. Only the organisational levels have to be maintained in the roles derived from them. The permissions are automatically pulled from the master role. Create Inheritance for SAP Permissions The following shows how to create and use inheritances for SAP permissions. This requires only two steps: Creating a master role and defining derived roles. Step 1: Create a master role Inheritance always requires a parent role, because all properties are inherited from it. If this role, in which all shared permissions are bundled, is missing, the first step is to create this master role. To do this, open the PFCG transaction and enter the desired name of the master role in the Name field. It is possible to identify master and derived roles by using naming conventions. The "Single Role" button will then be used to create the desired role. In the following example I create the master role "findepartment_r".
If table logging is active in your system, you can specify which tables are to be logged in transaction SE13. For an active logging it is necessary to set the flag "Log data changes".
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
The scope of the check mode can be extended by self-defined check IDs.