What do the next ten years hold in store?
Integration of SAP notes (error correction instructions)
In the SAP Business Objects environment, you can extend the control of permissions using the CMC tab configuration. The tab configuration allows you to easily show or hide specific tabs for users or groups. Enable CMC Tab Configuration By default, the CMC Tab Configuration feature is set to "Don't Limit" and is disabled. For you to be able to use the tab configuration at all, you will need to enable it for now. Note: If you enable the tab configuration, all users that are not under the default Administrators group will not see tabs for the time being. This is because access is denied by default through the CMC tab configuration. Therefore, once enabled, you must maintain tabs for all existing groups. Therefore, make sure you have an account associated with the Administrators Group! To do this, go to Applications, right-click Central Management Console, and select Configure Access to the CMC tab: The CMC can be found under Applications. Now enable the configuration by selecting the Restrict option. Use Restrictions to enable the option. Hide/show tabs If you are now logging in with a user that is not in the default Administrators group, you will not see applications/tabs on the CMC home page. Initially no applications/tabs are visible To display the desired tabs for the groups again, switch to users and groups with your administrator account, right-click on the desired group, and select CMC tab configuration. Enter the tab configuration. In the dialogue that appears, you see that all tabs are denied access by default.
A simpler option is to output the transactions used by the expert as a list and to obtain an overview of the task areas. The function block SWNC_COLLECTOR_GET_AGGREGATES is very suitable for exporting the used transactions in a list. As an alternative, one can directly use the workload monitor in the transaction code ST03N.
SUGR Maintain user groups
SAP Basis Operation manages the IT underlying the SAP system. In addition, the operation ensures the maintenance and availability of business processes. Various tools can be used for this purpose, which take over the maintenance, care, configuration and monitoring of the SAP system. Basic operation is the prerequisite for ensuring that the SAP system is fully operational and covers the business processes well.
Cross-client tables can be modified. The control system of another, productive client can thus be undermined and undermined. Quite a lot of power! Did you also know that the SAP system provides a feature that deletes table change protocols (DBTA BLOG table) and that it is effective across all clients? If the table change logs have not been additionally archived via the BC_DBLOGS archiving object, traceability is no longer available. That way, every criminal act within your company can be beautifully covered up. Similarly, full access to batch management allows you to manage all background jobs in all clients with the permission. This allows you to delete old background jobs that have gone unauthorised. There are also some points to consider when managing print jobs. Typically, the following two SAP access permissions are enabled to protect print jobs: S_SPO_DEV (spooler device permissions) S_SPO_ACT (spooler actions). Why? Confidential information in print jobs is not protected against unauthorised disclosure. (Strictly) sensitive print jobs can be read unauthorised or redirected to external printers and printed out. Print jobs are unprotected unless additional SAP access permissions are enabled to protect print output. The print jobs are multi-tenant, which means that the authorisation award should also be well thought through at the point.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
In the case of unprotected data communication paths between different client and server components of the SAP system that use the SAP protocol RFC or DIAG, the data exchange takes place in plain text and there is a risk that this can be read.
Change the settings here depending on your request.