Recertification of SAP role mapping with EasyReCert
Implementing applications
The 5 most common errors in SAP test management In this blog post I would like to discuss the 5 most common errors in SAP test management, which in my experience occur regularly in this area. I hope that with this I can give you some guidance so that you can avoid these mistakes. No test management Quite simple. You have complex SAP software in use or are just introducing a new module tailored to your company, but the test process plays a subordinate role and tests take place only sporadically and unstructured? Then you have already made the first mistake. To ensure high software quality, avoid hidden consequential error costs and consciously plan for a test period instead of the risk of time bottlenecks, a methodical approach should be planned. Too much testing If you have decided to introduce test management, you need to weigh up the resources required for this. A large amount of testing quickly pushes the cost-benefit ratio into the realm of inefficiency, because the time required for testing drives up costs. On the other hand, the test quality should of course be high. Therefore, a structured and comprehensive approach is of high importance. Basically, you should make sure that the costs for the test effort do not exceed the average of the consequential failure costs.
To evaluate the log files, please use transaction RSAU_READ_LOG. If you archive the security audit log files you can read them using transaction RSAU_READ_ARC.
Generate and monitor a revision-proof permission concept tool-based: The established processes for entitlement management, role application and assignment are not documented at all or in a central location in your company? In the revision, it was noticed that a written authorisation concept does not exist, is not up to date or that the processes do not meet the requirements?
Overall, SAP Basis operation requires not only a high-quality technical infrastructure, but also distinct know-how and experience. This is because the management of the underlying SAP NetWeaver and SAP HANA platforms has become extremely complex.
This makes the technical user the dialogue user and a login in the SAP system is unrestricted. So Johannes logs in with the known password of the RFC user in the production system. Thanks to very extensive permissions, it now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user Johannes starts with the technical compromise of the production system... RFC Security: All invented - or everyday threat? Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by pro-activity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you 100% rule out that not now in this moment an SAP user with a false identity infiltrates your production systems? Change now: It's about pro activity! But before you start now and start looking for the "identity converter" (which I really do not recommend!), I suggest that you take root of evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you: 1) Our e-book about SAP RFC interfaces 2) Clean up our free webinar about RFC interfaces 3) Blog post about our approach to optimising RFC interfaces As always, I look forward to your feedback and comments directly below these lines!
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
SAP Basis consultants are experts in consulting.
In such a catalogue there is usually a set of apps and services which is relevant for a specific user group.