HOW TO SAP

SAP GRC Access Control Explain

December 28, 2017  
SAP GRC Access Control consists of the following modules: Compliant User Provisioning (CUP) Risk Analysis and Remediation (RAR) Enterprise Role Management (ERM) Superuser Privilege Management (SPM) Compliant User Provisioning (CUP) CUP provides the workflow engine to drive compliant user and role maintenance processes within the SAP environment. These...
 Continue Reading

SAP Security Authorization Interview question

December 23, 2017  
How do you determine what organization value to be given to user?Refer request form, change request, functional team, copy from sample user, consult their subordinate or manager. Some business sense is needed. Never give more values then requested. How would you map a tcode to user?Check request form....
 Continue Reading

SAP SECURITY - Create authorization object and assign to user

December 21, 2017  
Authorization Objects are used to manipulate the current user's privileges for specific data selection and activities from within a program. We could always create our own authorization objects and implement it in our own abap programs. As an example, we will create our own authorization field similar to...
 Continue Reading

SAP SECURITY INTERVIEW - FIND USER ID FROM TABLE PA0105

December 19, 2017  
You only  have Personal Number (PERNR) or Email (USRID_LONG) as reference SE16 > PA0105  Now enter PERNR or USRID_LONG SUBTY must be 0001 Now execute ...
 Continue Reading

SAP SECURITY - MASS CHANGE USER LICENSE VIA SU10

December 18, 2017  
SU10 > Authorization Data > User > Multiple Selection Choose copy from txt file (if you have it in txt format) or clip board (if you click copy paste) Click Copy and it will bring you back to previous screen Click Execute Select All user Click Transfer You...
 Continue Reading

Organizational Level Authorization Field

December 17, 2017  
ARBPL Work Center PLVAR Plan Version KOKRS Controlling Area BUKRS Company Code PRCTR Profit center IWERK Planning Plant SWERK Maintenance Plant EKGRP Purchasing Group EKORG Purchasing Org. WERKS Plant VKORG Sales Organization VTWEG Distribution Channel SPART Division VSTEL Shipping Point LGORT Stor. Loc. BERID MRP Area ...
 Continue Reading

SAP SECURITY - MASS CHANGE USER LICENSE VIA SU10

December 16, 2017  
SU10 > Authorization Data > User > Multiple Selection Choose copy from txt file (if you have it in txt format) or clip board (if you click copy paste) Click Copy and it will bring you back to previous screen Click Execute Select All user Click Transfer You...
 Continue Reading

SAP SECURITY : GRC maintaining Workflow CUA system

December 15, 2017  
Open http://domain.com/useradmin Login with an adminsitrator Enter an user ID and click  Go Default only display 5 row. To change go to Upper right of the browser and select 'SHOW ALL' Done ...
 Continue Reading

GRC does not process report real time. It has to be schedule as a job for RAR reporting to work.

December 13, 2017  
Schedule USER, ROLE, PROFILE SYNCHRONIZATION. This job is used for Batch Risk Analysis job later for reporting GRC > CONFIGURATION > SCHEDULE JOB > Check only the 3 below > Then click schedule button at the bottom Give a Job name > You may specify any options you...
 Continue Reading

SAP SECURITY EXPORTING USER EMAIL

December 11, 2017  
To extract user's email, you may search from table USR21 and ADR6 SE16 > USR21 and enter user ID Copy the PERNR (personal number)  SE16 > ADR6 and paste the PERNR You will get a list of email addres Alternatively, you may replace Table ADR6 with  PA0105 but this table...
 Continue Reading

SCUM SETTINGS - LOGON DATA TAB

December 10, 2017  
SCUM SETTINGS - LOGON DATA TAB has the following settings as below: Global You can only maintain the data in the central system. The data is then automatically distributed to the child systems. These fields do not accept input in the child systems, but can only be displayed....
 Continue Reading

GRC 5.3 Create Password Self Service

December 09, 2017  
GRC 5.3 - Create Password Self Service with Challenge Response with the following steps: GRC > CUP > Configuration > Self Service > Authentication Source : Challenge Response Select Service to Disable Verification: None  Scroll down > Create > Now add your questions > Save Repeat step 4...
 Continue Reading

GRC 5.3: Set Valid To Date to 12/31/9999 for new user

December 07, 2017  
GRC request result in valid to date of 12/31/9999 this can be done by: CUP > Request form customization > User Valid To > Set Default Value = * ...
 Continue Reading

SAP SECURITY AUTHORIZATION: S_TABU_DIS has no 01 Activity

December 05, 2017  
Given the high criticality and increasing complexity related to table access – SAP® has introduced a new authorization object for a more refined table access control. The authorization object S_TABU_NAM was introduced last year. This authorization object consists of two fields ACTVT (Activity) and TABNAME (name of table or...
 Continue Reading

Performance issue on MDG - Manual Pre Implementation Step (Note 1719803)

December 03, 2017  
Tcode PFCG, Edit the MDG role Click on Menu tab Expand the Hierarchy Go to Role Menu > Supplier Governance > Change Request > Search Supplier >  Right Click on WDY_Application - Enterprise Search  > Details Update Application configuration according to SAP note This is where you update...
 Continue Reading

Table usla04 to locate single role coming from which child system in CUA

December 02, 2017  
In CUA system, you can use table USLA04 to  check the role originates from which child system. SE16 Enter USLA04 ...
 Continue Reading

GRC 5.3 - Valid to date is always the current date during submission of a new request

November 30, 2017  
GRC 5.3 provision user with validity period the same day user was created. SU01 screen as below: In GRC you can see the following when request for a new account: This was cause by following settings in GRC 5.3 in Configuration > Field Mapping > LDAP Mapping >...
 Continue Reading

HOW TO SAP - Perform system trace for missing authorization

November 29, 2017  
How to perform system trace for authorization Execute tcode ST01 Check Authorization Check (you may select more) Click Trace On (Make sure to turn it off after you are done!) Now ask user to perform their task. *If there is more then one app server, go tcode SM51...
 Continue Reading

VIRSA - HOW TO export mitigation control

November 28, 2017  
SA38 or SE38 and execute  /VIRSA/ZVRAT_L03 Enter the following details: 3. Exported file looks like: ...
 Continue Reading

SOD Scan using /n/virsa/zvrat

November 26, 2017  
Tcode /n/virsa/zvrat Ok Enter userid Choose the system where user id was created Then execute If the system id was not found, you may add the system using those entries in SM59. To add, execute /n/virsa/zvrat_s16 Select Comp Calibrator Configuration Under Parameter 19, add in a new system...
 Continue Reading

GRC 5.3 SNC - Provision with upper case userid which cause SNC to fail

November 25, 2017  
GRC 5.3 is able to provision SNC settings to SU01 but USERID appears in upper case format as below: SNC is case sensitive, thus it will failed when user tried to login. Because GRC 5.3 convert user id to UPPERCASE as below: This can be resolved in two...
 Continue Reading
Pages (31)123456 Next
Subscribe to: Posts (Atom)
Designed By: Blogger Templates | Templatelib