HOW TO SAP

BDOC and IDOC – What are they?

June 25, 2019  
What BDOCS and IDOCS.
IDOCS are intermediate documents (normally in text file format) which are used as between SAP and non-SAP system. In a real work, a company may have different systems. So IDOCS are used as a vehicle encapsulate these data so these systems can exchange information.
Eg: During POS, IDOCS are generated and it includes price, number of items, description and etc. Then its transfer ASYNCHRONOUSLY to SAP system. Think of it like excel exporting a file to *.csv and then Outlook can read the *.csv file.
BDOCS on the other hand, is the CRM version of IDOCS. BAPI is another SAP intermediate documents but its used for SYNCHRONOUS transactions.
In the computer world, we called such activity as ELECTONIC DATA INTERCHANCE (EDI)
 Continue Reading

SAP Basis: How to Check ABAP Dumps Message Type X

June 18, 2019  
Steps:
  1. Execute ST22 > Double click on any entries
    0001-dumps-msg-x-001
  2. Go to Source Code Extract
    0001-dumps-msg-x-002
  3. Locate “>>>>” and you will see Message X041 in this example. Take note of the Message class and number.
    0001-dumps-msg-x-003
  4. Now open SE91. Enter the details we found from Source Code Extract in ST22:
    -Message Class: RD
    -Message Number: 041
    Click Display
    0001-dumps-msg-x-004
  5. Here, we determine what the message indicates
    0001-dumps-msg-x-006
  6. Now we know that the ABAP Dump message type X is due Extract Structure does not exist at the time of transport. Informed the ABAP consultant or Function consultant about this issue.
 Continue Reading

Most common SPOOL error encountered by BASIS. How do we resolve this issue?

June 11, 2019  
Steps
  1. Execute SM37. You found an error Job. When you double click you found
  2. You saw the below error
    0002-spool-error-param1-001
  3. This error is caused by job spooler is not defined when job creation hence it picks up the job owner’s default output device.
  4. Since the default output device is no populated on master user record, the job log can’t find the print parameter.
  5. To resolve the issue, please populate the output device and select your preference for your SAP spool request via transaction code SU3.
  6. For Output device, you can choose one of SAP printer which has been defined in SAP (you can look at via transaction code SPAD)
  7. Recommendation: please do not select LOCL if you want to opt ‘Output immediately’. Moreover, this output device is not good for network performance
  8. Select ‘Output immediately’ if you want to immediate print for every spool request that you create in SAP. Recommendation: do not select this.
  9. Select ‘Delete After Output’ if you want SAP to delete every spool that you create. Recommendation: do not select this. You can manage your spools e.g. printing, reprinting, deletion, etc via transaction code SP01 as below:0002-spool-error-param1-002
 Continue Reading

3 SAP HANA Security Best Practices

June 07, 2019  

1 – Operate on a least access rights model. The more access an employee has, the more potential damage they could do to your organization — either through an inadvertent breach or an intentional leak. Because SAP applications play such an integral role in the organization financials, businesses need to restrict each user to the information needed to do their job.
Even display access or access to seemingly innocuous information can potentially expose the organization, and needs to be controlled in line with SAP HANA security best practices. For example, a glance at a bill of materials could show competitors what products the company is working on, or even what it takes to construct a cutting edge project from the ground up.
2 – Ensure you have the right expertise. In previous versions of SAP, all users would interact through the SAP GUI, and use it to access a wide range of SAP applications and development tools. With SAP HANA, users who needs direct access to the database will leverage SAP HANA Studio or SAP Web IDE. Traditionally SAP permissions are controlled via “transactions” and “authorizations.” Inside an SAP HANA database, however, they’re called “privileges.”
They’re conceptually similar but the implementation is different. An ABAP backend Netweaver administrator will have a rather large learning curve to understand how the administration is performed within the SAP HANA database. For example, administration in a HANA database is performed via SQL statements, which can be generated via SAP HANA Studio or SAP Web IDE. This is one of many reasons organizations should consider moving to an IT managed services model after an SAP HANA migration.
3 – Understand how HANA handles objects. HANA applications are built out of development objects, which are stored in the HANA repository. When user and role administration is performed as design-time objects, the roles are owned by the technical user, so personnel can change without affecting the objects. That means they can be transported and versioned, even if the database user changes.
If roles are created as runtime objects, however, they’re associated with the database user — i.e. the actual person who created the role. If that person leaves the organization and is deleted from the database, their role creations and assignments are deleted with them, which can be catastrophic.
Stay safe in SAP HANA. Although security principles vary little between applications, the implementations and knowledge base required do. SAP HANA security best practices require a combination of security expertise and experience and HANA-specific knowledge. Whether you’re looking for an SAP security services partner, or just need someone to get your admin up to speed, contact us to learn how Symmetry can help.


Source https://symmetrycorp.com/blog/3-sap-hana-security-best-practices/ Continue Reading

Video - SAP HANA Creating a User with Schema access

June 06, 2019  

https://www.youtube.com/watch?v=L_ICwmBycdQ

 Continue Reading

How to create user in SAP

June 04, 2019  
Steps
  1. Execute SU01
  2. Enter user name and press CREATE (notepad)
    0003-creat-user001
  3. Enter necessary details such as Firstname and Lastname
    0003-creat-user002
  4. Click on Logon Data Tab and enter password a password eg: enjoysap123
    0003-creat-user003
  5. Click Save (floppy disk icon). Now you can informed the user that his/her account has been created.
 Continue Reading

How to create User in SAP HANA - Assign Role and Activate User

June 02, 2019  
SAP HANA Security is to protect important data from unauthorized access and ensures that the standards and compliance meet as security standard adopted by the company.

SAP HANA Provide following security-related feature –
  • User and Role Management
  • Authorization
  • Authentication
  • Encryption of data in Persistence Layer
  • Encryption of data in Network Layer

CREATE USER IN SAP HANA
  1. Create User in SAP HANA- only database user with ROLE ADMIN privileges can create user and role in SAP HANA.
    Step 1) To create new user in SAP HANA Studio go to security tab as shown below and follow the following steps;
    1. Go to security node.
    2. Select Users (Right Click) -> New User.
    SAP HANA Security: Complete Tutorial
    Step 2) A user creation screen appear.
    1. Enter User Name.
    2. Enter Password for the user.
    3. These are authentication mechanism, by default User name / password is used for authentication.
SAP HANA Security: Complete Tutorial
By Clicking on the deploy SAP HANA Security: Complete TutorialButton user will be created.
2. Define and Create Role
A role is a collection of privileges that can be granted to other users or role. The role includes privileges for database object & application and depending on the nature of the job.
It is a standard mechanism to grant privileges. Privileges can be directly granted to the user. There are many standard roles (e.g. MODELLING, MONITORING, etc.) available in SAP HANA database.
We can use the standard role as a template for creating a custom role.
A role can contain following privileges –
  • System Privileges for administrative and development task (CATALOG READ, AUDIT ADMIN, etc.)
  • Object Privileges for database objects (SELECT, INSERT, DELETE, etc.)
  • Analytic Privileges for SAP HANA Information View
  • Package Privileges on repository packages (REPO.READ, REPO.EDIT_NATIVE_OBJECTS, etc.)
  • Application Privileges for SAP HANA XS applications.
  • Privileges on the user (For Debugging of procedure).

CREATE ROLE IN SAP HANA
Step 1) In this step,
  1. Go to Security node in SAP HANA System.
  2. Select Role Node (Right Click) and select New Role.
SAP HANA Security: Complete Tutorial
Step 2) A role creation screen is displayed.
SAP HANA Security: Complete Tutorial
  1. Give Role name under New Role Block.
  2. Select Granted Role tab, and click "+" Icon to add Standard Role or exiting role.
  3. Select Desired role (e.g. MODELLING, MONITORING, etc.)
STEP 3) In this step,
  1. Selected Role is added in Granted Roles Tab.
  2. Privileges can be assign to the user directly by selecting System Privileges, object Privileges, Analytic Privileges, Package Privileges, etc.
  3. Click on deploy icon to create Role.
SAP HANA Security: Complete Tutorial
Tick option "Grantable to other users and roles", if you want to assign this role to other user and role.


GRANT AND ASSING ROLE TO USER IN SAP HANA
STEP 1) In this step, we will Assign Role "MODELLING_VIEW" to another user "ABHI_TEST".
  1. Go to User sub-node under Security node and double click it. User window will show.
  2. Click on Granted roles "+" Icon.
  3. A pop-up will appear, Search Role name which will be assign to the user.
SAP HANA Security: Complete Tutorial
STEP 2) In this step, role "MODELLING_VIEW" will be added under Role.
SAP HANA Security: Complete Tutorial
STEP 3) In this step,
  1. Click on Deploy Button.
  2. A Message " User 'ABHI_TEST" changed is displayed.
SAP HANA Security: Complete Tutorial


RESET SAP HANA USER PASSWORD
If user password needs to reset, then go to User sub-node under Security node and double click it. User window will show.
STEP 1) In this step,
  1. Enter new password.
  2. Enter Confirm password.
SAP HANA Security: Complete Tutorial
STEP 2) In this step,
  1. Click on Deploy Button.
  2. A message "User 'ABHI_TEST" changed is displayed.
SAP HANA Security: Complete Tutorial


REACTIVATE / DEACTIVATE SAP HANA USERS

Go to User sub-node under Security node and double click it. User window will show.
There is De-Activate User icon. Click on it
SAP HANA Security: Complete Tutorial
A confirmation message "Popup" will appear. Click on 'Yes' Button.
SAP HANA Security: Complete Tutorial
A message "User 'ABHI_TEST' deactivated" will be displayed. The De-Activate icon changes with name "Activate user". Now we can activate user from the same icon.
Source:
https://www.guru99.com/sap-hana-security.html

 Continue Reading

What is SAP Authorization?

June 02, 2019  
Authorization in SAP means giving users access right to a T-Code. Using T-Code PFCG allows Basis to change user’s authorization inside a T-Code. By adjusting the object you also can control user’s activity such as display, edit, or change certain field in the T-Code.
A Role Is created with the profile generator and allows the automatic generation of an authorization profile. The role contains the authorization data and the logon menu for the user.
When we have a few roles, we can group them up as Composite role.
 Continue Reading
Subscribe to: Posts (Atom)
Designed By: Blogger Templates | Templatelib