Root cause analysis
What does TREX have to do with SAP Solution Manager?
This access method depends solely on the rights assigned to the user. System users: Users of this user group are comparable to SAP*. They act as administrator in the system. Therefore, they should be deactivated / set to inactive as soon as possible, as soon as the system operation is ensured. You should still be aware of the SAP ERP environment to address this security risk. In a HANA system, there are privileges instead of permissions. The difference is first of all in terms of terminology. Nevertheless, the permissions are assigned differently (directly / indirectly) via the assignment of roles. These are thus accumulations of privileges. As in older SAP systems, system users must be disabled and certain roles that already exist must be restricted. Compared to an SAP ERP system, small apps are allowed instead of large applications. In this case, attention should be paid to an individual authorisation. It should be a matter of course for users to have implemented secure password rules. Settings Securing the system also means securing the underlying infrastructure. Everything from the network to the host's operating system must be secured. When looking at the system landscape, it is striking that the new technology brings many connections that need to be secured. The SAP Gateway, which is responsible for the connection between backend and frontend, is also a security risk and must be considered. All security settings of existing and future components must be validated to HANA compatibility. Secure communication of connections is obtained when you restrict access where possible. Encryption of the data of a HANA system is disabled by default. Be sure to encrypt sensitive data anyway. Especially data that is archived. If an attack is made on your system, you should be able to run forensic analysis, so you should enable the audit log. Moreover, few users should have access to it.
In the case of client settings, you should ensure that the production client is protected against overwriting and that changes are only approved via the transport management system (TMS) to ensure traceability. In the interests of system security, changes to repository and client-independent objects should also not be permitted. The use of eCATT and CATT should also be at least restricted, as allowing them can lead to significant database changes.
FURTHER DEVELOPMENT OF STAFF
After installing the GUI, the GUI patches should be applied as far as available. This includes the hotfixes after the patches, which are necessarily installed after the patches. BI Addon Patch A new service package and patch may need to be installed. It may also be that can be patched directly if another SP exists. The process takes about 30 minutes. The progress of the installation pauses at a certain percentage, as already mentioned above, so you do not have to cancel the installation prematurely. If the installation is not possible, the latest version will be included in another setup. Installation of the Precalculation Server The Precalculation Server is installed. You can also install any patches here. Service The installations create a service. This can be called under Services. Set the Startup Type of the service to "Automatic" (Standard Manual) Enter Login Credentials Recovery for First and Second Failure to "Restart the Service" Start Service Logon SAP Login to the SAP system with the appropriate client from the Precalculation Server. You can use the SAP system's own login. Warning: There must be permissions for the transaction RSPRECALCADMIN and SM51. The transaction SM51 will then be called. Before creating the instances, it must be ensured that the correct application server is selected, otherwise problems with the instances in the user's application may occur later. The transaction RSPRECALCADMIN is then called. A certain number of instances are displayed. They should all be marked and deleted until the view is empty again. They are then re-created with a continuous numbering in order to distinguish them later. Only the ID and description must be entered. The rest will be awarded automatically. The service will now restart and all instances should be green. This may take 2-3 minutes. Important: In the end, all instances must be green. This completes the creation and configuration.
The website www.sap-corner.de offers many useful information about SAP basis.
This advanced training course on SAP administration will provide you with the skills you need to perform more in-depth administrative tasks on your SAP system. For example, SAP administration using WebAS with ABAP and Java, system configuration and system updates, applying patches and corrections, and updating users and authorizations. Furthermore, the program includes the setup of printers, knowledge of system security and system monitoring as well as transport functions. Not to forget the help system and data backup in your SAP systems.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
It also increases the speed at which certain tasks can be performed.
A note box in which data of all kinds can be quickly filed and retrieved. This is what Scribble Papers promises. At first, the program looks very spartan. But once a small structure is in place, you realise the great flexibility of this little helper.
So, in order to prevent this from happening to everyone, this property should be urgently restricted.