ST05 SQL Trace
SAP Security in Transition - SAP HANA Permissions
Faster problem solutions: With an SAP service provider, you usually get faster solutions to problems that arise. Through years of experience, experts can draw on a pool of solutions and know what is most efficient and best in each situation.
The database layer is used to store all company data and consists of the database management system (DBMS) and the data itself. In each NetWeaver system there is a database server on which the SAP database is located. It provides all other applications with the necessary data. The data is not only data tables, but also applications, system control tables and user data. All basic components ensure that the user has fast and reliable access to this data.
Basis & Technology
This is where all the system's data resides. These are composed of the actual database and the DBMS, the "database management system". In earlier versions, the database here came from different manufacturers. For example, Microsoft SQL or Oracle. Since SAP HANA, a lot has changed for IT in this data layer. This is because the database comes from SAP itself and is automatically monitored by the system. There is more to this database layer than just the working data. Important elements such as the configuration tables and system data for control and application content are also stored here. This is the repository data used by applications.
So-called Access Control Lists (ACL) offer a good possibility to secure your gateway in order to exclude unwanted external accesses to the database of the application server. With the help of the ACL files reginfo and secinfo an access control can be implemented, in which allowed as well as forbidden communication partners can be defined. The reginfo file controls the registration of external programs on the gateway, which means that rules can be defined that allow or prohibit programs. With the help of the file secinfo you can define which users are allowed to start an external program. To be able to use these files, you must set the parameters gw/reg_info and gw/sec_info (transaction RZ11). For more information, refer to SAP Note 1408081.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
The dataowner should be the
adm of the target system, which you can change (in the Unix console) with "chown adm K12345.DEV" (respectively R12345.DEV for the data file).
To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.
Then switch to the Permissions tab to generate the current profile of the permission objects with the new Fiori permission.