CG3Y File download
The Basis system comprises a total of three layers (Figure 1):
He has already gathered a lot of helpful information from the day-to-day business in his department: Johannes knows the RFC interfaces and the corresponding technical RFC users from his work with the applications. He also quickly got the password for various RFC users via the radio ("As long as passwords are only communicated by phone and never exchanged in writing, we are clean!"). And that the RFC users are generously entitled even in productive systems is no longer a secret ("Better to have more permissions than too little; the RFC connections have to run, otherwise there is trouble from the specialist areas!"). Since Johannes has access to the SE37 as a developer, it is not a problem to get the necessary access using the function block BAPI_USER_CHANGE - disguised as RFC User. In short, it changes the user type of a technical RFC user in a production system from to by calling the function block.
As an interface to the user, the presentation layer contains software components (the SAP GUI) by means of which the user is presented with the application. During its runtime, an SAP GUI component is always permanently linked to a user logon to the NetWeaver AS ABAP.
What are the areas when working with SAP systems?
Another major topic is the migration of SAP systems, both locally from one data center to another and from one operating system to another or from one database type to another. As a rule, the SWPM tool is used here again.
The SAP Identity Management System (IdM) enables centralised user and permission management in a heterogeneous system landscape. By using an IdMSsystem, manual processes can be replaced by automated workflows that are mapped and administered centrally. Examples of scenarios: 1) User and Authorisation Management 2) ESS/MSS for the management of personnel data 3) Audit and monitoring for the verification of compliance with legal regulations What should be taken into account, however, if you want to introduce an Identity Management System? In this contribution, I would like to highlight fundamental points that need to be clarified before the introduction.
Tools such as "Shortcut for SAP Systems" are extremely useful in basic administration.
The positioning depends strongly on the previously identified target groups and must be justified accordingly.
Quite a lot of power! Did you also know that the SAP system provides a feature that deletes table change protocols (DBTA BLOG table) and that it is effective across all clients? If the table change logs have not been additionally archived via the BC_DBLOGS archiving object, traceability is no longer available.