SAP Authorizations Use SU22 and SU24 transactions correctly - NW Admin

Direkt zum Seiteninhalt
Use SU22 and SU24 transactions correctly
Permissions checks
You should therefore enforce cryptographic authentication and communication encryption by setting up Secure Network Communication (SNC). SNC provides a strong cryptographic authentication mechanism, encrypts data transmission, and preserves the integrity of the transmitted data. For some time now, SNC is freely available without a SSOMechanism (SSO = Single Sign-on) for SAP GUI and the RFC communication of all SAP NetWeaver customers. You should always implement SNC between SAP GUI and application server, as this communication can also run over open networks. For RFC communication, you need an SNC implementation if you think the data transfer could be intercepted.

The SAP HANA Studio application is available for maintaining and assigning HANA permissions to users. The SAP HANA Studio is installed on your workstation. You can then log in to one or more HANA databases with the user and password. The SAP HANA Studio and HANADatenbank are currently subject to extensive further developments; Therefore, the respective versions of the SAP HANA studio must be compatible with the HANA databases to be connected. For this reason, we recommend that you check the information about the use of certain versions of SAP HANA Studio in the SAP Notes.
Copy the user from the Clipboard to the Transaction SU10 selection
The SAP authorization concept protects transactions and programs in SAP systems on the basis of authorization objects. Authorization objects enable complex checks of an authorization that are bound to several conditions. Authorizations represent characteristics of authorization objects depending on the employee's activity and responsibility. The authorizations are combined in an authorization profile that belongs to a role. The administrator assigns the appropriate role to the employee via the user master record so that the employee can perform his or her tasks in the system.

To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.


The Security Audit Log now also logs events where the runtime was affected by the debugger. New message types have also been defined in this context. To install this extension, you will need a kernel patch. For the fixes and an overview of the required support packages, see SAP Notes 1411741 and 1465495.

The possibility of assigning authorizations during the go-live can be additionally secured by using "Shortcut for SAP systems".

Wenn dies der Fall ist und das Passwort gerade geändert werden muss, wird diese Änderung vom Benutzer abgefragt.

In each filter, you can define for which clients and users events should be recorded.
NW BASIS
Zurück zum Seiteninhalt