SAP Applications
Creation and implementation of the milieu according to the best SAP practices
There are the following reasons that may lead to the termination of this step: TP_INTERFACE_FAILURE: Unable to call tp interface. TP_FAILURE: The tp programme could not be run. For more information, see the SLOG or ALOG log file. CANNOT_IMPORT_DDIC: Unable to import ABAP Dictionary. See the Dictionary Import Log for the cause of the error. AUTO_MOD_SPDD This step checks whether modifications to ABAP Dictionary objects can be adjusted automatically. RUN_SPDD_? This step prompts you to customise your modifications to ABAP Dictionary objects by calling the transaction SPDD.
The security of an SAP system requires protection against unauthorised access, e.g. through the secinfo and reginfo files. A cleanly implemented authorisation concept protects against attacks within the SAP system. However, it is also possible to attack your SAP system via the network. Through the RFC Gateway Server, your system communicates with external servers and programmes. One particularly effective way to protect against this are so-called Access Control Lists (ACL). Find out what this is and how you can use it to better protect your SAP system. The SAP Standard offers different approaches for gate protection. All methods combined can provide even greater safety. For example, it is possible to use Access Control Lists (ACL) to monitor exactly which external programmes and which hosts can communicate with the gateway. Another option is to configure the gateway to support Secure Network Communication (SNC). Finally, there are various security parameters for the gateway. This article focuses on the use of ACL files such as secinfo and reginfo files. What is an ACL? Access control lists are files in which permitted or prohibited communication partners can be recorded. For the gateway to use these ACL files, parameters must be set in the default profile of the SAP system and of course the files must be maintained accordingly. With the help of logs and traces, which can be configured for this purpose, a precise investigation can be made in advance of the activation, which connections currently run via the gateway. This allows them to prevent important applications with which your system communicates from being blocked by the ACL files. The rules in the ACL files are read from top to bottom of the gateway to decide whether to allow a communication request. If none of the rules matches the requesting programme, it will be blocked. Network-based ACL The network-based ACL file contains permitted and prohibited subnets or specific clients.
Migration
I recommend that you schedule the background job PFCG_TIME_DEPENDENCY with the report RHAUTUPD_NEW. Scheduling the RHAUTUPD_NEW report with two variants has proven to be a best practice: Once a day before users log on for the first time (e.g. midnight or very early in the morning). This way the users are synchronized once a day. Once a month (or even once a week) with the option "Perform cleanup", so that obsolete profiles and user mappings are regularly cleaned up. Also handy: If the naming conventions of your roles allow it, you can also align the report according to different time zones. For example, I have a customer who runs the user synchronization for his users in the USA and Asia at different times, so that the daily business of the respective users is not disturbed.
Companies face a major challenge. The world is not going digital, but it is already. The age of digitisation and the related technological changes, as well as the demands of customers, bring new opportunities and new challenges for companies. In addition, the product strategy is changing, including that of SAP. In order to achieve the associated goals of the company and to implement them as effectively and efficiently as possible, the SAP basis must contribute to the design of an IT roadmap and to the design of the digitisation and also cloud strategy. A detailed review of the IT Roadmap recommendation is carried out within the master thesis in chapter 7.9.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
To create a parameter transaction, navigate to the SE93 first.
It ensures that the necessary services and foundations are provided for the SAP system and all applications.