SAP Sybase
What are the tasks of an SAP administrator?
Especially after security incidents it may be necessary to find out which (technical) users have logged in at which time. The USR02 table provides a first entry point. In the TRDAT column you can find the last login date for the user you want. However, a history of previous applications is not found in this table. In such cases, the Security Auditlog or SAL helps. Preparation In order to access the desired data, it must also have been saved previously. In the Security Auditlog, you can use various filters to determine which users are logged on which client and which information. The Security Auditlog stores, depending on configuration, logins, RFC calls, and other actions for specific users. You can make these settings in the SM19 transaction. Note: Logging user activity must be aware of the users concerned! Configure the SAL only for technical users or in consultation with users / works council / etc. It can be seen there among other things when the SAL was activated and last edited (1). You can also select the various filters (2), activate the filters individually (3), specify clients and users (4) and specify which activities are logged (5). Static configuration in the SM19 Under the Dynamic Configuration you can also see if SAL is currently active for the system. Determine the status of the SAL Evaluation of the SAL If the Security Audit Log is active, switch to the SM20 evaluation of the Security Audit Log. Select the desired user and client and the appropriate time window. The option Dialogues login is sufficient for the login. Then, restart the AuditLog analysis. Start evaluation You will get an overview of the user's login to the selected client of the system.
NEW TECHNOLOGIES AND INNOVATIONS The role of IT is changing (bi-modal IT). On the SAP basis, this new bi-modal organisation is particularly true. On the one hand, it is necessary to continue to ensure the SAP operation in the usual stability and security, and on the other hand, to act as a business innovator in order to fulfil the role as a technology consultant for SAP technology. ADJUST SAP basis NAMING The original definition and naming of the SAP basis no longer meets today's task. Therefore, it is recommended to give the SAP basis a meaningful and contemporary description depending on the future organisation form. For example, the bi-modal role listed in Recommendation [A1] should be taken into account.
Table of Contents
This is key to leveraging SAP's simplification plan. Since the release of SAP HANA, SAP has worked to simplify the system.
After the addition of Java Stack (the applications developed in J2EE, BSP, JSP, etc.), the security standard for business processes was increased. Both ABAP and Java stack can be monitored from one platform. Netweaver supports standard protocols such as HTTP, SMTP, XML, SOAP, SSO, WEBDAV, WSDL, WMLSSO, SSL, X.509 and Unicode format (text processing representation).
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
This includes a template for a revision-proof and comprehensible, written authorisation concept.
He is considered a reliable and conscientious developer from the IT department.