This website is not affiliated with, sponsored by, or approved by SAP AG.

SOS

SAP Security

Moderators: Snowy, thx4allthefish, jurjen

SOS

Postby Blaster » Tue Mar 25, 2014 7:03 am

Hi,

I am testing the Security Optimization Self-service in SOLMAN.

Does anyone know where the values for the ST14 extract can be seen? I would like to see what authorization objects that are actually checked for the different entries in the final report.

Also, there are some SAP checks defined in ST13 for HR area, but the report shows two additional HR checks that are not in ST13, but following the same number range. So I guess these are from ST14, but I have got no way of proving this.

/Blaster
Blaster
 
Posts: 189
Joined: Tue Mar 14, 2006 8:02 am

Re: SOS

Postby os » Thu Apr 03, 2014 4:52 pm

In St13 you can select SOS_CUSTOMER_DATA with flag "SAP Data" and see what is checked.

That is used for the query execution, but is local data.

St14 is the result from the remote system. You will not see the query parameters anymore of that remote system.

If additional things appear then they are probably hardcoded... :-)

We wrote our own derivation of it for the customer part which respected OOAC settings and called it a day. Actually we used the SUIM data and it's APIs (see SAP note 1930238) and not SOS data and made it remote enabled for central monitoring and added the HR, BW, cFolder and SACF logic to it.
os
 
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am

Re: SOS

Postby Blaster » Wed Apr 23, 2014 4:09 am

Thank you for mentioning note 1930238.

I did some digging around in the program logic behind ST14 and indeed the checks are hardcoded :)
Blaster
 
Posts: 189
Joined: Tue Mar 14, 2006 8:02 am

Re: SOS

Postby os » Wed Aug 06, 2014 4:15 pm

There are a few BC and HR things which are hardcoded in several places in SAP programs and LDBs and a few also in the kernel now. That means that the check is not optional.
os
 
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am


Return to SAP Security

Who is online

Users browsing this forum: No registered users and 2 guests





This website is not affiliated with, sponsored by, or approved by SAP AG.