Search found 2426 matches

by Al.
Sun Nov 03, 2013 8:06 am
Forum: SAP Security
Topic: Authorization control by specific customer
Replies: 2
Views: 3730

Re: Authorization control by specific customer

Hi,

Have a look at F_KNA1_GRP and/or F_KNA1_BED to see if either provide what you are looking for
by Al.
Wed Oct 16, 2013 2:13 am
Forum: SAP Security
Topic: Release Strategy Role Fail
Replies: 1
Views: 3322

Re: Release Strategy Role Fail

Hi,

Firstly is there an auth check for the release strategy happening in the first place?
There are a few config steps required to make it work OK
by Al.
Thu Sep 12, 2013 9:20 am
Forum: SAP Security
Topic: Where are the authorization specialists located?
Replies: 4
Views: 5115

Re: Where are the authorization specialists located?

Hi,

My clients have them in lots of places:

Operational Support/Functional Support
Competency Centres (various different ones)
Basis (within IT support structures)
Finance (honestly)
General SAP Administration functions
by Al.
Thu May 23, 2013 4:33 am
Forum: SAP Security
Topic: p_orgin vs p_orgincon
Replies: 1
Views: 6990

Re: p_orgin vs p_orgincon

Hi Count

1. Yes, no problem.
2. If you don't need context then don't do it. If you do then make the full switch. KISS as always
3. Happy to hook you up with one of my team who is a guru in this area. Just PM me.

Cheers
by Al.
Fri Apr 19, 2013 7:34 am
Forum: General Talks
Topic: BEWARE LONDONERS! (And people around London this weekend)
Replies: 10
Views: 10103

Re: BEWARE LONDONERS! (And people around London this weekend)

That looks very cool. I am surprised that it hasn't been outlawed in the UK as it contravenes some daft Heath & Safety regulation :(
by Al.
Fri Apr 19, 2013 5:28 am
Forum: General Talks
Topic: BEWARE LONDONERS! (And people around London this weekend)
Replies: 10
Views: 10103

Re: BEWARE LONDONERS! (And people around London this weekend)

Damn. I'm only 10 minutes away from Tooley Street but can't get out of the office for 12. To atone for it I will have to drink some Estrella Damm over the weekend.
by Al.
Thu Apr 11, 2013 7:21 am
Forum: Job Postings/Resumes
Topic: Apple/Wipro and others
Replies: 6
Views: 3066

Re: Apple/Wipro and others

It's quite a common model in Europe. A few of the offshore implementers will hire for the implementation with a view to going into support. On a 5 year support contract it's a reasonable risk to take on perms considering the natural rate of attrition and the likelihood of being able to redeploy. End...
by Al.
Wed Apr 10, 2013 1:18 pm
Forum: SAP Security
Topic: SoD - Authorization Objects
Replies: 5
Views: 6587

Re: SoD - Authorization Objects

Hi, Tools generally take 2 approaches - 1. Take proposal values from USOB* and let you choose which to include 2. Rely on someone else having done the hard work already (typically through option 1) Generally you end up with a subset of the SU24/USOB* values (i.e. you only need to know the main contr...
by Al.
Tue Mar 05, 2013 9:26 am
Forum: SAP Security
Topic: What is the best way to do bulk indirect role removals?
Replies: 3
Views: 2661

Re: What is the best way to do bulk indirect role removals?

Hi James,

I'm no HR guru so bear with me. Would it be possible to put a script around RHRHDC00 to allow you to remove the required roles? There is a bit of info here which goes into more detail: http://scn.sap.com/thread/1808806
by Al.
Fri Dec 21, 2012 4:54 pm
Forum: SAP Security
Topic: RABAX_STATE error in GRC AC 10
Replies: 2
Views: 6929

Re: RABAX_STATE error in GRC AC 10

What does the ST22 log say. RABAX_STATE error is a common one.
by Al.
Fri Dec 14, 2012 8:16 am
Forum: SAP Security
Topic: SAP USER license audit
Replies: 1
Views: 2305

Re: SAP USER license audit

Can they share an ID? Not in a standard licence agreement. Have you negotiated additional terms?

Will the licence audit spot it? Unlikely
by Al.
Thu Dec 13, 2012 11:31 am
Forum: SAP Security
Topic: authorization issue in acc period
Replies: 3
Views: 2772

Re: authorization issue in acc period

There are a few options:

All the info you need is in here:

http://scn.sap.com/thread/1645162

You can find even more solutions if you perform a an internet search on "OB52 restrict company code"
by Al.
Mon Dec 10, 2012 11:49 am
Forum: SAP Security
Topic: Limit the use of S_RFC - RFC1
Replies: 9
Views: 5274

Re: Limit the use of S_RFC - RFC1

Hi Baz, If your interfaces are being rejected then I would propose that they build you a proper user that is restricted to the correct table auth groups. If they are going to get pedantic about the FM's that could be used then I would expect them to provide an answer! Obviously without knowing the i...
by Al.
Thu Dec 06, 2012 4:43 am
Forum: SAP Security
Topic: Limit the use of S_RFC - RFC1
Replies: 9
Views: 5274

Re: Limit the use of S_RFC - RFC1

Hi Fish,

I would very very worried if S_RFC wasn't there :-)
I assumed Baz was referring to the explicit definition of the function modules. Agree with you that FUGR should be more than adequate though.