In the authorization environment, in addition to assigning authorizations to SAP users, there are a number of important SAP Basis settings that you should check regularly to ensure that your SAP system is fully protected, both internally and externally. For example, particularly in the context of an audit, it is important to ensure that changes to the SAP system always remain traceable. In this blog, I would like to show you how you can best implement this and what to look out for.
SAP Basis experts ensure optimal integration of the SAP system into a company's individual IT landscape. Depending on the agreement, the team of experts takes care of the administration as well as the hosting and operation of the SAP system.
If you have modified SAP objects, you have to adjust these objects during the import. Transaction SPDD adjusts Dictionary objects, and transaction SPAU adjusts Repository objects.
Prerequisites: SPAM prompts you to adjust your modifications.
Procedure:
1. Stop importing the Support Package (F12). SPAM will resume processing at the RUN_SPDD or RUN_SPAU step.
2. To enable your developers to perform the modification adjustment, create a request in the Transport Organizer and, under it, tasks for the developers.
3. Ask the developers to perform the modification adjustment for their objects. Adjustment of Dictionary objects (SPDD): the developers can view the list of affected objects via Adjust Modifications on the initial screen of transaction SPAM. Adjustment of Repository objects (SPAU): the developers must call transaction SPAU and then perform the adjustment.
4. Once the adjustment is complete, the developers must release the tasks and inform you. The adjustment can be done in any client.
5. Call SPAM.
6. Select Import Support Package Queue. You will be prompted again to perform the modification adjustment. Since it has already been completed, ignore the prompt and select Next. SPAM completes the processing and returns the status.
For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.
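The unintentionally dynamic SQL call described above, shown beside hardened forms, as an added example that is not part of the original blog. The report name, the parameter names and the use of the SFLIGHT demo table are assumptions chosen for illustration.

```abap
REPORT z_dyn_where_demo.
" Added example: SFLIGHT and all Z_/P_/LV_/LT_ names are assumptions.
PARAMETERS p_carr TYPE c LENGTH 20 LOWER CASE.      " free-text value
PARAMETERS p_col  TYPE c LENGTH 30 DEFAULT 'CARRID'. " column chosen by user

DATA lt_flights TYPE STANDARD TABLE OF sflight.
DATA lv_where   TYPE string.
DATA lv_col     TYPE string.

" --- Weak: input is concatenated into a dynamic WHERE clause. ---
" A value containing a quote is interpreted as part of the condition
" instead of being compared as data.
lv_where = |CARRID = '{ p_carr }'|.
SELECT * FROM sflight INTO TABLE lt_flights WHERE (lv_where).

" --- Preferred: static Open SQL. ---
" The parameter is passed as a host variable and never becomes
" part of the statement text.
SELECT * FROM sflight INTO TABLE lt_flights WHERE carrid = p_carr.

" --- If the clause has to stay dynamic: validate every token. ---
TRY.
    " Column names cannot be quoted, so only accept known ones.
    lv_col = cl_abap_dyn_prg=>check_whitelist_str(
               val       = to_upper( p_col )
               whitelist = 'CARRID,CONNID,PLANETYPE' ).
    " quote( ) wraps the value in quotes and escapes embedded quotes.
    lv_where = |{ lv_col } = { cl_abap_dyn_prg=>quote( p_carr ) }|.
    SELECT * FROM sflight INTO TABLE lt_flights WHERE (lv_where).
  CATCH cx_abap_not_in_whitelist.
    MESSAGE 'Column is not allowed for selection' TYPE 'E'.
  CATCH cx_sy_dynamic_osql_error.
    MESSAGE 'Invalid selection condition' TYPE 'E'.
ENDTRY.
```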
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in SAP Basis.
Continuous training in the field is advisable in order not to lose touch.
First enter a tilde (~) and define the value later in the derived roles.