SAP Basis High sense of responsibility - SAP Basis

Direkt zum Seiteninhalt
High sense of responsibility
Many companies are struggling with the introduction and use of secinfo and reginfo files to secure SAP RFC gateways. We have developed a generator that supports the creation of the files. This blog post lists two SAP best practices for creating the secinfo and reginfo files to enhance the security of your SAP gateway and how the generator helps you do this. secinfo and reginfo Request generator Option 1: Restrictive procedure In the case of the restrictive solution approach, only in-system programmes are allowed. Therefore, external programmes cannot be used. However, since this is desired, the access control lists must be gradually expanded to include each programme required. Although this procedure is very restrictive, which speaks for safety, it has the very great disadvantage that, in the creation phase, links which are actually desired are always blocked. In addition, the permanent manual activation of individual connections represents a continuous effort. For large system landscapes, this procedure is very complex. Option 2: Logging-based approach An alternative to the restrictive procedure is the logging-based approach. To do this, all connections must be allowed first by the secinfo file containing the content USER=* HOST=* TP=* and the reginfo file contains the content TP=*. During the activation of all connections, a recording of all external programme calls and system registrations is made with the gateway logging. The generated log files can then be evaluated and the access control lists created. However, there is also a great deal of work involved here. Especially with large system landscapes, many external programmes are registered and executed, which can result in very large log files. Revising them and creating access control lists can be an unmanageable task. However, this process does not block any intentional connections during the compilation phase, which ensures the system will run non-disruptively.

The coverage of old core tasks (such as security or compliance) and new core tasks (such as cloud or mobility) must be increased in the sense of a holistic consideration. This means that certain tasks must be considered not only in the context of the SAP basis, but also in the overall context.
Own development testing is very common in the quality system. Therefore, the customising/workbench developments must be transported to the appropriate system. It is highly recommended to use the order type "Transport of copies". This post explains why you should use this type of order and what you need to consider. Transporting copies - Why? All objects on the original transport order remain locked. Only the copies of the objects are transported to the next SAP system. If something goes wrong during transport, objects can easily be recollected or added. In addition, when copies are transported to the test system, no import is created in the production system. The import queue remains clean and clear. The problem with overtaking transports is eliminated. Transporting Copies - Creation To create a transport of copies, call the Transport Organiser through the transaction SE01. Check the Order Type "Transfers of Copies" and click View Create a new order (using the Document icon or F6 key). Then select the order type "Transport of copies". Then define a description and the destination system of the transport. Transport of copies - Add objects The transport order of the type "Transports of copies" was created. Now we want to add the objects of the original to be transported. Unfortunately, not all objects of an order can be copied directly. Therefore, it is important to take the objects task by task. A transport order can contain multiple tasks. Press CTRL+Y to highlight the task ID and then copy it by CTRL+C. Right-click on your order of the type "Transport of Copies" and select the Include objects option. Select the object list of an order and copy in the ID of the task that contains the objects to be transported. Confirm your input. All objects of the order are transferred to the transport of copies. You can then transport the objects to the test system using the normal transport procedure.

The operator is now responsible for ensuring smooth and safe operation in the SAP environment. It has a basic understanding of the infrastructure and is well connected within the IT departments. For his daily work he uses suitable tools (e.g. monitoring tools), in which he is trained and trained. In the future, the focus will be on reactive activities such as monitoring systems and processing notifications. The operator acts as a customer of SME-expression standardisation and automation as well as the SME-expression-solution manager. Also, the operational aspects of this role are suitable for outsourcing. However, the accountable parts remain in the company.

"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.

The Technical Lead functions as the work package leader or sub-project manager within the SAP basis when the project is the focus of the SAP basis.

SAP HANA base administrators can master the database in a way that wasn't possible back then.
Zurück zum Seiteninhalt