Quick question about SAP Security analyst responsibilities

This question was posted on another site and I was asked by the moderator to cross-post it here:
On another discussion forum, the topic of the SAP Certification program came up. In the discussion thread, there was some debate about the subject areas tested on the exam for SAP security, so I am putting the question to you.
At your current workplace, which of the following, if any, are responsibilities/ expected competencies of your experienced SAP Security analysts:
Encryption
Single Sign-on configuration/ maintenance
Network topology (SAP router and web dispatcher)
Operating system (SAP gateway)
Database security
J2EE
To categorize the responses, it would be helpful to know if you consider yours is a relatively large SAP support organization or not.
Thanks in advance for your responses and comments.
Regards,
Gretchen Lindquist

Hi Gretchen,
I am a consultant so have a slightly different perspective than an end user. 
A typical client security engagement for me will involve 3 or 4 out of those competency areas and on top of that: secure communications & secure application (what I know and love as roles & users, some of our friends will refer to that as secure coding).  In general, security administrators at my clients focus on roles & users and their competencies are only in those area.  That is the same for small (<500 users) and large organisations (>20k users)
In my opinion this is one of the problems with our industry and in particular with individuals who consider themselves SAP Security professionals. It is no secret that the wider security industry often views SAP Security practitioners as a bit limited in skills due to the lack of understanding of infosec basics.
SAP security is not just roles & users, SoD's & SU53's.  They are an important part of securing SAP but only a few of the components.  As you have pointed out in the competency areas SAP Security is about the environment in which the SAP system resides and operates and our need is to ensure the C,I,A over those systems that support business processes.
As an employer I expect a SAP Security professional to have understanding of all of those competencies (and a few more).  In the same way that GRC is much more than a tool provided by SAP, SAP security is a holistic subject that by necessity covers multiple subject areas.
Regarding expectations of a security analyst, I expect them to be able to understand the wider security environment around their system and to be comfortable talking about things like comms security, SSO, secure programming (the basics), OS, network topology and DB security (the basics).  Most importantly they should know how they work together to form the security environment and where the dependencies or touch points are between them.  It's not unreasonable for basis and technical teams to perform much of the work in these areas but that is not to say that "out of sight is out of mind".
I don't hide my views on the inadequacy of the certification process in its previous incarnations. SAP is doing great work to improve this which is a positive step. What is critical is that a demonstration of competency (e.g. certification) in SAP Security covers the whole subject (or as much as practical).
If people want to break the topic down then that's great but resulting certifications should be pointed out as what they are e.g. Certification in role & user administration.
I hope there is something in there to provoke thought & discussion!
Regards
Alex
Edited for clarity by: Alex Ayers on Feb 9, 2012 9:49 AM

Similar Messages

  • Quick Question about SAP solution manager

    Hi,
    How to Edit or Delete or create New Entry in "Landscape Components"
    I am having a problem in Solution Manager 4.0
    Tr: SMSY goto Landscape Components --> Systems --> SAP R/3 --> NQA --> R/3 Server
    In the CLIENT tab the entry is listed below:
    Client: 250
    Name: NQA Server
    Role: Production
    Logical system: NQACLNT250
    RFC Read Access: SM_NQACLNT250_READ
    RFC Change Manager: SM_NQACLNT250_TMW
    Trusted system RFC: SM_NQACLNT250_TRUSTED
    RFC for solution Manager: SM_NQACLNT250_TRUSTED
    My question is: when I highlight the entry and click on the RFC pushbutton, there is no way I can change or edit the entry, and I can't delete that row?
    How can I do that? Please advise.
    Thanks

    Hi there,
    If I follow what you're saying, you want to delete one of your clients from your system in txn SMSY. Per the SAP online help (see below), you need to switch to "manual" maintenance mode, as it is assumed that your system's data was populated automatically. See the online help below and try what it suggests. Note: I'm on SOLMAN 4.0, SP15. In SMSY there is no "Landscape Components -> Other Object" option. It is actually the button just to the left of the pencil (Change) button whose text says "Other Object..". Click that button, then click the System radio button, then put in your system's system name (i.e. Q01), then click the button on that pop-up that looks like an unlocked lock, then click Yes on the pop-up after that, then click on the green check button(s) until you're back in SMSY. You may have to re-click on your "R/3 Server" link to get back to the client tab/screen. Make sure you go back into Change mode and then your "delete" button will be available.
    FYI - just below here is the online help for what I described above. Below that I've included comments of what I did when I did this myself.
    Manual Data Source Maintenance
    Use
    You cannot edit all data manually in servers, databases and systems which were determined automatically. You can set the data source to manual maintenance, to be able to edit all data in this landscape element manually.
    You should only set the data source to manual maintenance if the automatically captured description does not match the actual definition of the landscape component. This can, for example, be the case if a system temporarily has an additional server, which is recognized by the automatic data capture, but should not be in the system description because it is only temporary.
    Prerequisite
    You are in the Solution Manager System Landscape (SMSY).
    Procedure
    1. Choose Landscape Components -> Other Object, or
    2. Choose the landscape component from the possible entries help, or enter the name of the landscape component.
    3. Choose the Set Data Source to Manual Input pushbutton.
    4. Confirm the confirmation prompt.
    END of ONLINE HELP section
    Below is the text from the pop-up msg after I clicked on the button (for my Q01 system) in the "Select Other Object" pop-up called "Set Data Source to Manual Input".  That button looks like a unlocked lock symbol.
    Switch object to manual maintenance
    You switch an object to manual maintenance to be
    able to edit the object description determined
    by the system, manually.
    You should only do this if the automatically
    determined description does not match the
    definition of the object. This can, for example,
    be the case if a system temporarily has an
    additional server which is recognized by the
    automatic data capture, but should not be in the
    system description, because it is only
    temporary.
    Do not delete any required parts of the object
    definition, and keep the definition of the
    object consistent.
    Switch Q01 to Manual Entry?

  • Several questions about Application Security

    Hello,
    I have several questions about Application Security and perhaps I need a few tips...
    I have a lot of users in a few groups which have access to my application! And the different groups should have only access to their pages.
    In my application I use trees to navigate through the application.
    So my idea is that I display different trees for the different user groups and restrict the user from accessing the URL....so the user can only see and contact "their" pages.
    I know how to create the logic behind the trees, but how can I create the restricted URL access...
    The "No URL Access" in the Session State Protection can not be used, because I use a lot of links in reports and HTML regions.
    Is there another way to solve that?
    But I am unsure if that is a "good" solution for my problem!
    What do you think about that?
    Am I going to do that too complicated?
    Could that be done by authentication or authorization?
    (By the way, I do not understand the differences between authentication and authorization. Can anyone help?)
    I would be glad for any reply!
    Thank you,
    Tim

    Hey Arie and Scott,
    thank you for your quick reply!
    Now I understand the context around authorization and authentication...
    I tried the Access Control List and I think that is a very nice feature! Really good!
    But now I am wondering, how I can create more privileges?
    So that I have a few "end-user roles" and then I can choose who has access to a page and who does not!
    Does anybody know how to do that?
    Thank you,
    Tim

  • A quick question about WebDynpro SLD and R/3 with concurrent users

    Hello ,
    I have a very quick question about Web Dynpros and SLD connecting to an R/3 system. When you configure a Web Dynpro to connect to an R/3 system using SLD, you configure a user name and password from the R/3 for the SLD to use. What I would like to know is, when I have concurrent users of my Web Dynpro, how can I know what one user did in R/3 and what another user did? Is there a way for the users of the Web Dynpro to use their R/3 credentials so SLD can access the R/3? Like dynamically configuring the SLD for each user?
    - I would like to avoid leaving their passwords open in the code (configuring two variables to get the user's username and password and using these variables as the JCo username and password).
    Thanks Ubergeeks,
    Guy

    Hi Guy
    You will have to use Single Sign-On to achieve this. In the destination you have defined to connect to R/3, there is an option to 'useSSO' instead of userid and password. This will ensure that calls to R/3 will be made with the userid that has logged into WAS. You won't need to pass any passwords because a login ticket is generated from WAS and passed on to R/3. The userid is derived from this ticket.
    For this to happen you will have to maintain a trust relationship between R/3 and your WAS; there is detailed documentation of this in the help files. Configuration is very straightforward and is easy to perform.
    Regards
    Pran
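    The mechanism Pran describes above, the back end accepting a signed logon ticket from a trusted issuer instead of a password and deriving the user id from it, modelled as an added Python example. This is not code from the thread, not SAP's MYSAPSSO2 ticket format and not the JCo 'useSSO' implementation. Real SAP logon tickets are signed with the issuing system's private key and verified against its certificate in the receiving system's trust store; the HMAC shared secret here stands in for that trust relationship, and the system names "WAS", "EVIL" and the user ids are constructed for the demo.

```python
"""Toy ticket-based SSO between a front end ("WAS") and a back end ("R/3").

Added example, not SAP's MYSAPSSO2 format or JCo's 'useSSO' option. The HMAC
shared secret is an assumption standing in for the issuer's signing key and
the receiver's trust store; the structure of the check is what matters:
1) only issuers on the trust list are accepted, 2) the signature is verified
before any field is believed, 3) the validity window is enforced, and
4) the effective user is taken from the ticket, never from the caller.
"""
import base64
import hashlib
import hmac
import json
from typing import Dict, Tuple


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def issue_ticket(issuer: str, user: str, key: bytes, now: int, ttl: int = 8 * 3600) -> str:
    """Front-end side: sign the user id, issuer id and validity window."""
    payload = {"iss": issuer, "sub": user, "iat": now, "exp": now + ttl}
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    sig = hmac.new(key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(sig)


def check_ticket(ticket: str, trusted: Dict[str, bytes], now: int) -> Tuple[str, str]:
    """Back-end side: returns ("ok", user) or ("rejected", reason).

    'trusted' maps issuing-system ids to verification keys and plays the role
    of the trust relationship the reply says must be maintained.
    """
    try:
        b64_body, b64_sig = ticket.split(".")
        body = base64.urlsafe_b64decode(b64_body)
        sig = base64.urlsafe_b64decode(b64_sig)
        payload = json.loads(body)
    except (ValueError, UnicodeDecodeError):
        return ("rejected", "malformed ticket")
    if not isinstance(payload, dict):
        return ("rejected", "malformed ticket")
    key = trusted.get(payload.get("iss"))
    if key is None:
        return ("rejected", "issuer not trusted")
    # Verify before believing any other field; constant-time comparison.
    if not hmac.compare_digest(sig, hmac.new(key, body, hashlib.sha256).digest()):
        return ("rejected", "bad signature")
    try:
        iat, exp = int(payload["iat"]), int(payload["exp"])
    except (KeyError, TypeError, ValueError):
        return ("rejected", "missing validity window")
    if not (iat <= now < exp):
        return ("rejected", "expired or not yet valid")
    return ("ok", str(payload["sub"]))


def tamper(ticket: str, new_user: str) -> str:
    """Attacker helper for the demo: swap the user id but keep the old signature."""
    b64_body, b64_sig = ticket.split(".")
    payload = json.loads(base64.urlsafe_b64decode(b64_body))
    payload["sub"] = new_user
    body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return _b64(body) + "." + b64_sig


def demo() -> Dict[str, Tuple[str, str]]:
    """Constructed scenario: WAS issues a ticket for user GUY; R/3 trusts WAS only."""
    was_key = b"constructed-demo-secret"   # stands in for WAS's signing key
    trusted = {"WAS": was_key}             # R/3's trust list (assumption)
    t0 = 1_700_000_000
    ticket = issue_ticket("WAS", "GUY", was_key, now=t0)
    rogue = issue_ticket("EVIL", "GUY", b"some-other-key", now=t0)
    return {
        "valid": check_ticket(ticket, trusted, now=t0 + 60),
        "tampered": check_ticket(tamper(ticket, "ADMIN"), trusted, now=t0 + 60),
        "untrusted_issuer": check_ticket(rogue, trusted, now=t0 + 60),
        "expired": check_ticket(ticket, trusted, now=t0 + 9 * 3600),
        "garbage": check_ticket("not.a.ticket", trusted, now=t0),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:17s} -> {result}")
```

    The point for a practitioner is the order of checks in check_ticket: the issuer is looked up in the trust list before anything else, the signature is verified before any field is acted on, and the user id comes from the verified ticket, so a caller can neither name its own user nor replay a ticket from a system the receiver does not trust.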

  • QUICK QUESTION ABOUT PORTS

    Hi, I have a quick question about port forwarding/mapping. My question: let's say I am running MSN Messenger, whose ports are 6880-6900. But let's say I am running a torrent application or something else that requires those ports. If both applications were running at the same time, would this cause interference between them on the same ports or not? Thanks
    Nathan

    Normally, only one application can listen to a specific port number at a time. If MSN is grabbing those 21 ports then your torrent app won't be able to run.
    However, most apps don't work that way - even if they use multiple ports, they don't use them all at the same time, so MSN might use 6880 when it starts up, leaving the others open for other applications to use if needed.
    Only experimentation will answer that one.
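    The behaviour the reply describes, that a port already bound by one socket cannot be bound by a second one until the first releases it, shown as an added Python example (not from the thread). It also includes the "experimentation" the reply suggests: a scan that reports which ports of an application's advertised range are actually taken on this host right now. Loopback as the bind address and the 6880-6900 range are choices made for the demo.

```python
"""Added example: port conflicts on TCP bind(), plus a check of which ports in
a range are currently held on this host. Not code from the original thread.
"""
import errno
import socket
from typing import List, Optional, Tuple


def try_bind(port: int, host: str = "127.0.0.1") -> Optional[socket.socket]:
    """Return a listening socket bound to host:port, or None if the port is taken.

    Deliberately does NOT set SO_REUSEADDR/SO_REUSEPORT: on some platforms
    those let several sockets share a port and would hide the conflict.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        s.listen(1)
        return s
    except OSError as e:
        s.close()
        if e.errno == errno.EADDRINUSE:
            return None
        raise  # e.g. EACCES for a privileged port is a different problem


def ports_in_use(first: int, last: int, host: str = "127.0.0.1") -> List[int]:
    """Ports in [first, last] that something on this host has already bound."""
    taken = []
    for port in range(first, last + 1):
        s = try_bind(port, host)
        if s is None:
            taken.append(port)
        else:
            s.close()
    return taken


def demonstrate_conflict() -> Tuple[bool, bool]:
    """Returns (second_bind_refused, rebind_after_close_succeeded)."""
    first = try_bind(0)                # port 0: let the OS pick a free port
    assert first is not None
    port = first.getsockname()[1]
    second = try_bind(port)            # same host:port while 'first' holds it
    refused = second is None
    if second is not None:
        second.close()
    first.close()                      # release; no connections were accepted,
    third = try_bind(port)             # so no TIME_WAIT keeps the port busy
    rebound = third is not None
    if third is not None:
        third.close()
    return refused, rebound


if __name__ == "__main__":
    print("second bind refused, rebind after close ok:", demonstrate_conflict())
    print("ports 6880-6900 currently bound on loopback:", ports_in_use(6880, 6900))
```

    Two caveats the reply leaves implicit: a conflict only exists for the same address and protocol (a UDP socket and a TCP socket on the same port number do not collide, nor do sockets bound to different interface addresses), and the scan only reports what is bound at the moment it runs, which is exactly why the reply says an application may hold one port of its range at start-up and leave the rest free.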

  • Hi, I have a quick question about the use of the USEBEAN tag in SP2. When I specify a scope of SESSION for the Java bean, it does not keep the values that I set for variables in the bean persistent. Thanks, Sonny

    Make sure that your bean is implementing the serializable interface and that
    you are accessing the bean from the session with the same name.
    Bryan

  • Some questions about SAP esourcing

    Hi expert,
    I have one question about SAP eSourcing. In the RFQ document, before the RFQ award is published, our customer does not want the price of the RFx response disclosed to collaborators. After the award is published, the price can be released to collaborators. As I know, we can use page customization to hide a page field. But the price is a collection field, so I failed to use page customization to hide it.
    Please advise me how to achieve this.

    Hi
    Please go through the relevant pointers ->
    eSourcing covers some scenarios in SRM for Bidding and Auctioning.
    Have a look at the following link for some information:
    http://help.sap.com/saphelp_srm50/helpdata/en/56/c34e3c59bfe747e10000000a11402f/frameset.htm
    Re: e-sourcing
    eSourcing 4.2 - Page Customization/Extensions
    Re: eSourcing withSRM or eSourcing with ECC?
    Hope this will help. Do let me know.
    Regards
    - Atul

  • 3 important questions about SAP HANA

    Hello Community!
    I have got 3 important questions about SAP HANA.
    1.
    - Our company has about 150 SAP systems in total.
    - 12 systems are ERP systems.
    => We are considering SAP HANA at the moment.
    => Is it possible to put all 12 ERP systems in ONE SAP HANA, or do I need one separate HANA for each ERP system?
    => If it is possible, can you tell me the disadvantages when I use 1 HANA for the 12 ERP-Systems.
    => Is there a Storage-Limit in the HANA (I think no, because of 64 bit).
    => Can I still make realtime-analytics with 1 HANA for 12 SAP Systems?
    2.
    => Can I run ONE HANA with different non-SAP-Systems?
    3.
    => Is there a Demo-Center from SAP or IBM, where I can test and see the HANA before I buy it?
         (I do not mean the Fujitsu TDS Demo Center)
    It would be nice, when you would answer all my questions.
    Thank you.

    I have got 3 important questions about SAP HANA.
    1.
    - Our company has about 150 SAP systems in total.
    - 12 systems are ERP systems.
    => We are considering SAP HANA at the moment.
    => Is it possible to put all 12 ERP systems in ONE SAP HANA, or do I need one separate HANA for each ERP system? Yes, it is quite possible to put all the ERP/CRM/SCM or other components on one HANA. You need to check pricing/users/RAM (storage).
    => If it is possible, can you tell me the disadvantages when I use 1 HANA for the 12 ERP-Systems.
    There are no disadvantages as of now.. improve existing planning, forecasting, pricing optimization and other processes.
    => Is there a Storage-Limit in the HANA (I think no, because of 64 bit).
    There is no limit on storage. You need to check how much data you need in RAM (real-time processing) storage. The minimum you can buy is 64 GB of RAM, and multiples of it.
    => Can I still make realtime-analytics with 1 HANA for 12 SAP Systems?
    Yes certainly..
    2.
    => Can I run ONE HANA with different non-SAP-Systems?
    Yes, you can run HANA with 3rd-party software or non-SAP systems for your real-time analytics.
    It has ODBC and JDBC both and you can combine it with other systems.
    3.
    => Is there a Demo-Center from SAP or IBM, where I can test and see the HANA before I buy it?
    (I do not mean the Fujitsu TDS Demo Center)
    This you need to check with your local SAP Service channel..
    It would be nice, when you would answer all my questions.
    Thank you.
    PY

  • Question about SAP Router Version

    Hi All,
    I have a question about SAP Router. How can I check what my SAP Router version is?
    I plan to upgrade my SAP Router to version 23 because it can be monitored by Windows services.
    Does any one know about this ? Please kindly explain.
    Thank you & Regards,
    Vipu

    Go to saprouter directory in command prompt   cd :\usr\sap\saprouter
    > type saprouter -v
    You will see a result like the one below
    SAP Network Interface Router, Version 38.10
    compiled Mar  1 2010 01:38:53
    start router : saprouter -r
    stop router  : saprouter -s
    soft shutdown: saprouter -p
    router info  : saprouter -l (-L)
    new routtab  : saprouter -n

  • Question about  SAP client setting when create new connection in CR2008

    Dear All,
    I have a question about SAP client setting in Crystal Report 2008 when I try to create a new connection use SAP OpenSQL(SAP Table,Cluster,or Function).
    I have a SAP IDES environment with 5 clients.
    While I try to create a CR standard report using SAP OpenSQL, I entered 800 into the Client field in "User logon credentials". The connection can be created and I can get the table list. After I built a report, I cannot get data from IDES client 800, but I can get data from client 000.
    I am sure client 800 has data. I checked the client 800 table with T-code SE16.
    I also did other tests and got confused a lot.
    Even nonexistent clients, such as "00" and "8000", can be used for creating a connection.
    I just want to know how can I get data from client 800.
    Thanks for your kindly help!
    Wayne

    Dear Ingo,
    Thanks for your reply!
    I am not sure I understand your suggestion clearly. What do you mean by all the authorizations to use CR?
    Maybe I should clarify my operations.
    I logon CR2008 as administrator and created two SAP connections with different client.
    There is a table named "/BEV3/CHBALLG" shown in these connections.
    I checked  clients "000" and "800" both have data in the table.
    I can use the client 000 connection to create a report and get the right data, but the report based on the client 800 connection could not get data.
    If I change to another table, such as "/SAPDMC/LSOFIL", I can get data from both of these connections.
    I found one thing that is very weird. Clients "00" and "8000" do not exist in my IDES environment, but I can use them for creating a connection.
    May I have your further suggestions?
    Wayne

  • Question about internet security...please help!

    Hi everyone,
    I have a question about the macbook's internet security.
    A few days ago I became aware that my sibling was using a laptop for internet use at my house which he got from a person that I do not trust. He is very computer-savvy and we're worried that he may have installed some form of spyware on that laptop and in turn, may have tried (or succeeded) in accessing my MacBook through some form of spyware. My house is hooked up with a D-Link wireless router, and at the time, it had no internet/access password.
    So my question is, could this person have accessed my computer and personal information remotely by and through the laptop that my sibling got from him. I was under the impression that Mac's have very strong firewalls, but I have also heard that as long as he knew what he was doing, he could have accessed my computer. I don't have a wireless "network" set up at my house, I just simply use the router for internet. But my sibling told me that this guy was his "network administrator" which leads me to believe that he must have had remote access to the laptop.
    Can anyone with knowledge on this problem please weigh in and let me know what I need to do to confirm that no one has accessed anything from my macbook.
    Thanks!

    One option if you want to be extra safe is turning on FileVault (System Preferences -> Security), which will encrypt everything on your computer so that if somehow someone does gain access to your computer they will have a next to zero chance of being able to read anything they get from your computer. You have to have a lot of extra hard drive space on your computer to turn it on though.
    Also, a "network" is just a connection between computers, regardless of the internet is involved or not. So when you connect your computer to the router which gives you the internet, you are putting your computer on a network. Now I believe that in order for this person whom you don't trust to gain remote access to your computer, they would have to have more information such as an IP address for your computer, through the router in order to get to it.
    One thing I think is very important to consider that isn't on the technical side of things is something called "Social Engineering" which is a form of cracking, or hacking. You can do your own research, but in a nutshell Social Engineering is getting people that have access to something I'm trying to hack to give me information. For instance, this person you don't trust could be giving your brother the computer in the hopes that he will download something through your router to that laptop which could give him IP addresses and other information. And then when he gets that laptop back he could scan it for useful information and your brother wouldn't know he did anything wrong at all. The best way to avoid this is purely education and communication. Even if your brother doesn't share the same suspicions about this person, surely he will understand the need to be careful and smart when it comes to sharing personal information in the digital world.

  • Quick Question about Cisco 3560 and the Web Device Manager

    Alright, I have a quick question that I am curious about but I haven't found any information
    about it.
    When I log into my Cisco 3560 using the web portal to get to the Device Manager. Below the
    diagram of the switch, then under the Dashboard there is section called Switch
    Health, Port Utilization.
    Under the Switch Health there is Bandwidth Used, Packet Error. Those two options just sit
    at zero and do not move. The Port Utilization graph is also sitting at zero.
    Is there a way to make them functional?

    Anyone notice performance increase or decrease of their HD when using the nVidia IDE SW drivers?  particularly with a 74GB Raptor?  I've also heard of burner issues when installing the IDE SW but have not used my burner yet.

  • IMovie - quick questions about video files when importing and optimizing

    Hi, have some quick questions. I think they are simple.
    1. When I import a video (from say iPhoto), where does it get "Move" or "Copy" to?
    2. Why would I want to do "Copy" instead of "Move", because isn't it then taking up more space?
    3. I'm wondering if after I optimize a video, I can stash away the original (non-optimized video that I either "Move"d or "Copy"d earlier) into an external hd.
    4. By the way, what is the new file name of the optimized video?
    Though things are working fine in iMovie and iPhoto, I'm trying to manage hard disk space, and hope answers to these questions will help.
    Do you guys have a guideline on how to manage hard disk space when it comes to iphoto and imovie?
    Thanks.

    As has been suggested you can encourage people to download QuickTime player by doing something like this...
    http://www.mirroroftheuniverse.com/Songs.html
    You can also present your songs like this...
    http://roddymckay.com/Satellite/JukeBox.html
    This is a SnoCap jukebox and you need an account to use it but you'll get the link to ESnips on the above page.
    A 3 minute song has a file size of about 30 MB in AIFF format. Converting it to MP3 reduces it to about 3.5 MB and M4A to about 5.5 MB.
    iTunes will do these conversions for you and M4A is far superior to MP3 as far as sound quality is concerned.

  • Three questions about replication/security

    Hello,
    We are currently planning to build software for our sales persons using C#. Each sales person has a laptop and should be able to sync the client information when he/she has access to the internet/intranet. Sales persons can update client information and the local database will be synced back to the master server when the user is connected to the internet/intranet. My option was to go with Oracle Lite (as client DB) and Oracle Enterprise (server DB). But after reading the posts in this forum, I believe Oracle XE can do the trick. Am I right?
    Second question is about the security of the replication. Sales persons can connect using the internet to sync the information back and forth. Is there a built in mechanism to secure the connection between the two DBs ( Oracle XE and EE)?
    Third question is about the recovery options. I read Mark's post about the features of Oracle XE. I understood that PIT recovery and archivelog mode are supported. But, the post also says that Tablespace PIT is not supported. Can someone tell me the difference between PITR and TSPITR? If PITR is supported, can I restore the database to a specific date and time (i.e. Dec 2, 2005 2:00PM)?
    Thanks a lot

    Comments inline
    Hello,
    We are currently planning to build software for our sales persons using C#. Each sales person has a laptop and should be able to sync the client information when he/she has access to the internet/intranet. Sales persons can update client information and the local database will be synced back to the master server when the user is connected to the internet/intranet. My option was to go with Oracle Lite (as client DB) and Oracle Enterprise (server DB). But after reading the posts in this forum, I believe Oracle XE can do the trick. Am I right?
    Yes - except that Oracle Lite comes with the synchronization built in, and it's tested to handle all the weird corner cases you have to deal with. XE will give you basic replication, however, you will have to build the connect, replicate (refresh materialized views), disconnect logic yourself (and test it). Personally I would spend the $100 on the Oracle Lite option
    Second question is about the security of the replication. Sales persons can connect using the internet to sync the information back and forth. Is there a built in mechanism to secure the connection between the two DBs ( Oracle XE and EE)?
    It depends on what you mean by secure. When you connect XE to Enterprise Edition, it will use a database link to refresh the materialized views (replicated tables). Userids/passwords across the database link will be sent in an encrypted form. The data will not. I'm guessing you could use Oracle's Advanced Security option to secure the database links from XE to EE, but I'm not 100% sure. Tom may be able to give us a clue on this one. Also, note that DBLinks by default use the TCP/IP transport, so that's a hole you would have to kick in the firewall if the EE database was behind it (as it should be). Although replication can use HTTP as a transport mechanism.
    (You can see all the issues you start to get into - the $100 per Oracle Lite deployment is looking real good to me right about now)
    Third question is about the recovery options. I read Mark's post about the features of Oracle XE. I understood that PIT recovery and archivelog mode are supported. But, the post also says that Tablespace PIT is not supported. Can someone tell me the difference between PITR and TSPITR? If PITR is supported, can I restore the database to a specific date and time (i.e. Dec 2, 2005 2:00PM)?
    Yes - you can roll forward the entire database to a given point in time using RMAN (which will be in production). You cannot however roll forward just a subset of tablespaces (i.e a subset of the data) in XE. Tablespace PITR is an EE feature (and not for the faint hearted).
    Thanks a lot

  • General Question about SAP Documentation. Where to find?

    Hello,
    I am relatively new in the SAP business and so I have some general questions about the SAP Documentation.
    Often internet-links like
    http://help.sap.com/printdocu/core/Print46c/en/data/pdf/FIBP/FI-AP-AP-PT.pdf
    are posted here by group members.
    But where do these group members find these documents?
    All I can see at help.sap.com is IDES (the model company created by SAP) and the WWW version of the SAP-Bibliothek.
    Where can I find these PDF files?
    I would appreciate any hint and tip!
    Thank you!
    Kakue

    That's true! I don't know how to find them either. Every time I need something I ask on the forum.
    Here's a good link
    http://www.easymarketplace.de/online-pdfs.php
    Please reward points if helpful
