The basics of Basis Administration
Provision resources in minutes instead of weeks
In the past, when we deployed SAP environments, we first had to work out a detailed sizing and architecture and pass it on to the procurement team, which then ordered the systems and installed them in the data center. From there, it went on to the network team, the storage team, the operating system team, and the database team. So it was not uncommon for three to six months to pass between the architecture design and the installation of a new SAP system.
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
CHANGE OF PERCEPTION
Creating the master role: Now maintain the permissions that are the same for all affected employees. In the example shown above, I assign the "findepartment_r" role as an example the "F-02" transaction authorisation.
The website www.sap-corner.de offers many useful information about SAP basis.
Different customers have different support requirements and concepts. We support them on-site as an extension of their internal team as well as through remote connections. Be it on an ad hoc basis (e.g. release upgrade, DB upgrade, optimization of Solution Manager) or on a permanent basis (e.g. monitoring of operations in SLR, fast reactions in defined exceptional cases, planned maintenance), we have the right team, the appropriate procedures (ITIL) and the modern tools to implement your requirements.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
And stand by your side during a platform or release upgrade.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
Creating the master role: Now maintain the permissions that are the same for all affected employees.