What does an SAP Basis administrator do?
Many companies are struggling with the introduction and use of secinfo and reginfo files to secure SAP RFC gateways. We have developed a generator that supports the creation of the files. This blog post lists two SAP best practices for creating the secinfo and reginfo files to enhance the security of your SAP gateway and how the generator helps you do this. secinfo and reginfo Request generator Option 1: Restrictive procedure In the case of the restrictive solution approach, only in-system programmes are allowed. Therefore, external programmes cannot be used. However, since this is desired, the access control lists must be gradually expanded to include each programme required. Although this procedure is very restrictive, which speaks for safety, it has the very great disadvantage that, in the creation phase, links which are actually desired are always blocked. In addition, the permanent manual activation of individual connections represents a continuous effort. For large system landscapes, this procedure is very complex. Option 2: Logging-based approach An alternative to the restrictive procedure is the logging-based approach. To do this, all connections must be allowed first by the secinfo file containing the content USER=* HOST=* TP=* and the reginfo file contains the content TP=*. During the activation of all connections, a recording of all external programme calls and system registrations is made with the gateway logging. The generated log files can then be evaluated and the access control lists created. However, there is also a great deal of work involved here. Especially with large system landscapes, many external programmes are registered and executed, which can result in very large log files. Revising them and creating access control lists can be an unmanageable task. However, this process does not block any intentional connections during the compilation phase, which ensures the system will run non-disruptively.
Test of EDI data transmission In the transaction WE05 all incoming and outgoing messages and IDocs as well as the status of the IDocs are displayed. If the order data is correctly entered and the partner profile is correctly configured, the IDoc is listed as successfully processed.
SPRO Implementation Guide
In every company with several SAP systems, there is a person responsible for the complete SAP Basis topics, usually there is even a separate department for this. This person ensures the trouble-free operation of the SAP systems. The person responsible also accompanies maintenance work or upgrades and intervenes in special situations, such as poor performance. Even for companies that hand over operation of the SAP Basis to an external service provider, there are often tasks from the user and authorization management environment at this point.
User name without restrictions - critical? Depending on the release of the SAP_BASIS component in your system, invisible special characters may end up in the user name. This is especially critical if only spaces or alternate spaces are used for the user name when creating a new user. In Unicode systems, "alternative" spaces, so-called "wide spaces", can be used in addition to the normal space character (hexadecimal value 20). For example, the key combination "ALT+0160" can be used to insert non-breaking spaces. If a user is now created whose user name consists exclusively of such alternative spaces, this can be confusing. This is because entries for this user ID do appear in change documents, but the impression is created that the entry was created by a non-existent / deleted user. This circumstance can lead to confusion. In addition, certain special characters in the user name can also lead to errors, for example in the Change and Transport System (CTS). This is because the user name is also used in the CTS-ORG to create a file with the same name in the transport directory. Furthermore, there are letters/characters that look identical in different alphabets, but have a different hexadecimal value in the character set. This means that confusion in user names cannot be completely ruled out. Seemingly identical user names then stand for different users.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
This is a reconciliation process between the SAP basis, other IT departments and, if necessary, the business areas concerned.
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
The first character is always a K (the cofiles file) or an R (the data file).