USE OF THE SECURITY AUDIT LOG
OUR SOLUTIONS
The tasks of a company's own SAP Basis department are undergoing enormous change at many companies, as SAP is also relying more and more on cloud services. Strategically, completely self-hosted SAP systems are becoming rarer and the proportion of customers using an SAP system from the cloud is increasing. The new roles of SAP Basis employees tend to be "enablers" and coordinators between the cloud provider and internal IT and the business departments. Until that time comes, companies can also rely on external service providers to offer expert know-how as well as operational support for the transition period.
To add additional permissions for defined groups in the launchpad to PFCG roles, follow the steps described above. This time, you only select a "SAP Fiori tile group" instead of a "SAP Fiori tile catalogue". There are very few differences between permissions. Fiori Eligibility for OData Services The launch authorisation for the OData service stored in the backend from a Fiori app is queried on both the front-end and back-end servers when the application is launched. Therefore, this permission must be added to the appropriate role on both servers. The typical sequence of clicking on a Fiori app in the launchpad triggers the following steps: 1) When selecting the tile, the app Fiori implementation is called 2) The app retrieves dynamic data from the HTTP endpoint of the OData service on the frontend server from 3) An RFC call to the gateway activation of the backend system is followed, retrieving the relevant business logic 4) Now the Fiori permission for the corresponding OData service is queried on the backend 5) If this was successful the appropriate business logic permissions are queried in the OData service. To add the Fiori permission to run a OData service for an app to a role, please perform the following steps: In the PFCG, open the appropriate role in Change mode, perform steps on the following screenshot: 1) Select Menu tab 2) Arrow next to the "Transaction" button click 3) Select Permissions proposal.
Handling SAP day-to-day business such as administration, maintenance and configuration of your SAP systems
The so-called SAP message server also belongs to the application layer. Only one instance of this server exists in the system. It mediates between the services and applications. In concrete terms, this means that the message server takes care of load balancing and determines, for example, on which application server a user logs on. Communication between application servers is also the domain of this message server.
The website www.sap-corner.de offers many useful information about SAP basis.
When I began my career administering SAP ERP on Oracle in the early 1990s, running a database required far more knowledge. An Oracle administration expert with a decade of experience understood perhaps only about 5% of what the database required.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
Roles and permissions work differently in a HANA system.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
I have summarised the most important points in the form of a checklist.