Provision of Web Dynpro so that all users have access to the Web Dynpro applications via an Internet browser
It should be mentioned here that it only makes sense to access the tables by reading the SELECT statement to get a quick view of the results. Using the DBACOCKPIT, it is not possible to create entire table structures using Create Table. For such applications, SAP provides other, better options. Another important point is that once a user has the necessary permissions to use the transaction DBACOCKPIT, it can potentially (with appropriate permissions on the tables) access the entire SAP system. For example, a query can be used to read the entire user table. Therefore, the transaction should always be treated with caution and only awarded to administrators. DBACOCKPIT handles the call control permissions similar to the SE16 / SE16N transaction. When the table is called, the S_TABU_DIS or S_TABU_NAM permission object is checked with a specific activity. This means that only the tables or table permission groups for which the corresponding values in the aforementioned permission objects are assigned can be accessed. You can read more about assigning permissions to individual tables here. In addition, you can save SQL statements that you run once, and run them again at any time to recognise changes in the result set without having to reformulate the SQL statement each time. The editor also allows you to start the query for SQL statements in the background. The result is obtained by calling the transaction SM37, in which the result is output in a spool file.
The monitoring of SAP systems, for example, is handled by modern AIOPs software, which permanently performs essential checks thanks to regular checks. This allows us to focus on optimizing your SAP systems, not only reactively in the event of an error, but also proactively to avoid possible errors before they occur.
Configuration adjustments and parameter changes
Another important example is the reading permission for TemSe objects. The temporary files are often forgotten, because it is often not considered that cached (strictly) sensitive data, which is intended for only one user (owner), can be viewed by another user without permission - and across clients. The examples mentioned show us how important it is to carefully assign permissions for client-independent transactions. Download Transaction tables The transactions that enable the examples above, including certain expressions of the associated permission objects and our recommendations for them, can be found in the file "Critical cross-client permissions" for download. Other client-independent transactions are located in the Cross Clients TCODES file. The criticality of these transactions should be assessed according to the context. I recommend always being careful and keeping these transactions in mind.
SAP Hosting should not be thought of as an off-the-peg suit, but as a made-to-measure suit. For mid-sized companies in particular, it is crucial to first identify corporate goals, technical conditions of the IT architecture and individual requirements. During this planning phase, added value and potential savings can also be identified.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
Important is the attention and appropriate use of the AND/OR relationship.
This circumstance can lead to confusion.