SAP Security for Administrators
Operation of your ERP landscape on SAP on HANA
In the area of SAP Basis it is necessary to make temporary changes in the security settings of the clients and systems in the course of system updates. You can use the system changeability variable to specify whether changeability of cross-client data, such as programs or menus, as well as client-independent customizing is allowed.
The default value of the profile parameter is 1, so the weak hashes are generated for each user. Preventing weak password hashes The generation of unsafe hash values can be prevented by setting the login/password_downwards_compatibility profile parameter to 0. Note that a change only takes effect when the instance is restarted!
Application of SNOTE and elimination of errors
Verify that the data file was generated. If it was not created, make sure that the [Page 10] Recreate Data File settings in SPAM settings are enabled. For more information, see Note 70752. ADD_TO_BUFFER In this step, the queue is placed in the transport buffer of your system.
But when it comes to the intricacies of large SAP environments, Ansible quickly reaches its limits. If you want to use Ansible to implement simple automations - for example, starting and stopping SAP environments - you have to put up with a lot of manual effort and complicated scripts.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
How does an emergency user approach work? An emergency user concept in SAP works fundamentally via a temporary assignment of additional rights to a specific user.
This recommendation is to be considered as universal and applies to all IT departments in order to clearly distinguish them and document the performance of their own IT organisation.