SAP Basis SM36 Define job - SAP Stuff

SM36 Define job
What does an SAP administrator need to be able to do?
Significant changes have also been brought about by SAP's cloud strategy. For example, the latest products such as SAP HANA and SAP S/4HANA are available entirely as cloud solutions.

This turns the technical user into a dialogue user, and login to the SAP system is unrestricted. So Johannes logs in to the production system with the known password of the RFC user. Thanks to very extensive permissions, he now has access to all sorts of critical tables, transactions, and programmes in production. With the identity of the RFC user, Johannes begins the technical compromise of the production system...

RFC Security: All invented - or everyday threat?
Whether a simple trim, altered biometric properties or an encapsulated technical user in the SAP system: the basis of the compromise is the same. A person uses a different identity to gain access and permissions to protected areas. Moreover, the evil in all three stories could have been prevented by proactivity. When was the last time you thought about the security of your RFC interfaces? Can you say with certainty that all your technical RFC users only have the permissions they actually need? And do you know who exactly knows the passwords of these users? Can you rule out 100% that, at this very moment, an SAP user with a false identity is infiltrating your production systems?

Change now: It's about proactivity!
But before you start looking for the "identity converter" (which I really do not recommend!), I suggest that you tackle the root of the evil and proactively strengthen your RFC security. So if you want to find out more, I have the following 3 tips for you:
1) Our e-book about SAP RFC interfaces
2) Clean up our free webinar about RFC interfaces
3) Blog post about our approach to optimising RFC interfaces
As always, I look forward to your feedback and comments directly below these lines!
Cooperation with internal support
Examples of names are: SAP Cross-Application, SAP Innovation & Technology, SAP Services & Innovation, SAP Operations & Innovation or SAP Service Provider & Business Innovator.

DESCRIPTION OF OWN PERFORMANCE AND SERVICE PORTFOLIO
In order to be consulted by upstream or downstream entities, it is necessary to provide a detailed and understandable description of your service portfolio. This means that it can be explicitly stated in which cases the SAP basis needs to be contacted and involved in order to make the necessary decisions and not jeopardise a project or company success. In addition to the range of tasks covered by the SAP basis, it is also necessary to specify for which tasks and topics the SAP basis is not responsible. This recommendation is to be considered as universal and applies to all IT departments in order to clearly distinguish them and document the performance of their own IT organisation.

DESIGN AND ESTABLISH INTERNAL MARKETING
Building on the recommendation [A3], it is recommended to design and establish an internal marketing. The aim is to provide a transparent picture of the activities that are carried out for the company's success and that are not visible to everyone.

Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".


SAP Basis refers to the administration of SAP systems, which includes activities like installation and configuration, load balancing, and the performance of SAP applications running on the Java stack and SAP ABAP. This includes stopping and starting the system and maintaining the different services related to the database, operating system, application and web servers in the SAP system landscape. Here you can find some useful information about SAP Basis: "www.sap-corner.de".

It is also necessary to check whether a user should (still) have a specific role.
