SM51 Application server instances
How to lock (SU01) and unlock (SU10) an SAP user
Especially in larger companies, which also have multiple locations in different countries, it is often necessary to grant different employees the same permissions for different levels of organisation, such as accounting circles. In order to make maintenance and maintenance of the system easy in such a situation, it is useful to set the inheritance principle for SAP permissions. How does SAP Permissions Inheritance work? An inheritance is always about a master object passing certain properties to a derived (sub) object. Therefore, these properties do not need to be maintained several times. Also, changes to the master object are passed directly to the derived objects. This allows easier maintenance and drastically minimises the error rate. In the case of SAP Permission Inheritance, the required permissions are bundled in a Upper or Master role. Only the organisational levels have to be maintained in the roles derived from them. The permissions are automatically pulled from the master role. Create Inheritance for SAP Permissions The following shows how to create and use inheritances for SAP permissions. This requires only two steps: Creating a master role and defining derived roles. Step 1: Create a master role Inheritance always requires a parent role, because all properties are inherited from it. If this role, in which all shared permissions are bundled, is missing, the first step is to create this master role. To do this, open the PFCG transaction and enter the desired name of the master role in the Name field. It is possible to identify master and derived roles by using naming conventions. The "Single Role" button will then be used to create the desired role. In the following example I create the master role "findepartment_r".
User name without restrictions - critical? Depending on the release of the SAP_BASIS component in your system, invisible special characters may end up in the user name. This is especially critical if only spaces or alternate spaces are used for the user name when creating a new user. In Unicode systems, "alternative" spaces, so-called "wide spaces", can be used in addition to the normal space character (hexadecimal value 20). For example, the key combination "ALT+0160" can be used to insert non-breaking spaces. If a user is now created whose user name consists exclusively of such alternative spaces, this can be confusing. This is because entries for this user ID do appear in change documents, but the impression is created that the entry was created by a non-existent / deleted user. This circumstance can lead to confusion. In addition, certain special characters in the user name can also lead to errors, for example in the Change and Transport System (CTS). This is because the user name is also used in the CTS-ORG to create a file with the same name in the transport directory. Furthermore, there are letters/characters that look identical in different alphabets, but have a different hexadecimal value in the character set. This means that confusion in user names cannot be completely ruled out. Seemingly identical user names then stand for different users.
Data cleansing
Once you sent the money person A and once person B. Which miner is right now? The solution is to divide the consensus into time blocks, in which a miner is randomly selected, and then determine which transaction it has selected as the consensus during this block. The transactions are stored in blocks of the chain. Only a limited number of transactions fit into each block. The miner, which solves the last transaction of a block before a new one is generated, also gets a bitcoin as a reward.
How does a blockchain build consensus? Once you decide to send a payment to someone, you must use the Private Key to "sign" it (in German: signature). This means nothing other than that you specify another public address to which you want to send the money and confirm this transaction with your own private key. You don't have a central authority to send the information to, you're going to spread the information to all the other Miners around you. The miners then forward this information to other miners, who in turn do the same. This exponential wave of information reaches the entire network of the distributed community within a few milliseconds. Every time a miner receives a transaction, it checks that the transaction is actually correct. It checks which private key has signed, which public address the transaction should go to and whether the sender has enough "coins" for this transaction. What are consensus mechanisms? Any miner that solves a transaction through complex mathematical calculations is rewarded by the sender with a "fee" (transaction fee). How will it be decided which miner will receive the transaction fee? Because only one can get this reward. Also, what happens when you try a double spending by sending one transaction to one miner and then another transaction with the same money to another one millisecond later? These two could not yet exchange and thus information would be different in the network.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
In the interests of system security, changes to repository and client-independent objects should also not be permitted.
All combinations are possible, e.g.: XME = None of these special characters may occur at the BEGINNING of the user name.