RSMEMORY: Dynamically Set Memory Parameters
SWU9 Trace of the BC-BMT-WFM component
This course is intended for people who plan, design, and install the SAP HANA database. It will also be of interest to those responsible for configuring the various components for importing data and customer reporting.
The security of an SAP system requires protection against unauthorised access, e.g. through the secinfo and reginfo files. A cleanly implemented authorisation concept protects against attacks within the SAP system. However, it is also possible to attack your SAP system via the network. Through the RFC Gateway Server, your system communicates with external servers and programmes. One particularly effective way to protect against this are so-called Access Control Lists (ACL). Find out what this is and how you can use it to better protect your SAP system. The SAP Standard offers different approaches for gate protection. All methods combined can provide even greater safety. For example, it is possible to use Access Control Lists (ACL) to monitor exactly which external programmes and which hosts can communicate with the gateway. Another option is to configure the gateway to support Secure Network Communication (SNC). Finally, there are various security parameters for the gateway. This article focuses on the use of ACL files such as secinfo and reginfo files. What is an ACL? Access control lists are files in which permitted or prohibited communication partners can be recorded. For the gateway to use these ACL files, parameters must be set in the default profile of the SAP system and of course the files must be maintained accordingly. With the help of logs and traces, which can be configured for this purpose, a precise investigation can be made in advance of the activation, which connections currently run via the gateway. This allows them to prevent important applications with which your system communicates from being blocked by the ACL files. The rules in the ACL files are read from top to bottom of the gateway to decide whether to allow a communication request. If none of the rules matches the requesting programme, it will be blocked. Network-based ACL The network-based ACL file contains permitted and prohibited subnets or specific clients.
ASSESSMENT OF EXISTING CUSTOMER-SPECIFIC SOLUTIONS
Have you ever wondered what there is actually a tab personalisation for role maintenance in the PFCG or for user data maintenance in the SU01? I will answer this question for you in this blog post. What do we need the Personalisation tab for? This tab gives you access to the central repository for personalisation data. The purpose of this repository is to create a storage facility for user- and role-specific data without the need to create additional database tables. This data should then be taken into account in all manipulations of users and roles. The functionality initially includes a generic repository for user- and role-specific data and centralised access to that data by user and role maintenance. It also provides the ability to connect existing tables with user-specific data to the central access via a defined interface. To store personalisation data in the central repository, a key must be assigned to the data: This is done via the registration transaction PERSREG. The personalisation data that you create is stored in the generic drop table. Access to it is provided by the class methods of the CL_PERS_ADMIN class. Different levels of personalisation The data can be stored either to the user, to roles or to the system. A user can then read all data assigned to him (via role or his own settings) at once.
To influence the ABAP/Dynro generation, select Additions in the entry screen of the SPAM. Function Menu Path Turn Generation on or off Settings Ignore generation errors during the commit. Ignore error in SPAM steps If an error is detected in one step, the transaction SPAM stops processing until the error is resolved. You can always check with Status to see in which step and for what reason the abortion took place. Types of errors There are the following types of error messages: Security checks of the transaction SPAM A typical example is the OBJECTS_LOCKED_? step. The SPAM transaction interrupts processing when objects are still locked in jobs to be overwritten by the queue. Error messages of the programmes tp and R3trans The cause of error can always be found in the corresponding transport log. A typical example is the TEST_IMPORT step. This checks to see if there are unconfirmed repairs to objects overwritten by the queue. The affected objects are listed in the Testimport log. Incorrect setup of the Change and Transport System Common errors are the lack of appropriate rights to the files of the Change and Transport System or the use of old programme versions of tp or R3trans. Verify that the transport tools are working correctly with Transp Tool. Check Tool. A typical example is the DISASSEMBLE step. If adm does not have write permissions for the /usr/sap/trans/data (UNIX) directory, SPAM will cancel DISASSEMBLE with CANNOT_DISASSEMBLE_R_DATA_FILE. The transaction SPAM requires that the Change and Transport System [External] is set up correctly. For more information on known problems, see Notes 97630 and 97620.
Tools such as "Shortcut for SAP Systems" are extremely useful in basic administration.
In practice, these services are in most cases distributed among several servers, each serving different applications.
For more information on this dialogue, please refer to the Online Manual.