Application of support patches, upgrades and installation of add-ons
The coverage of old core tasks (such as security or compliance) and new core tasks (such as cloud or mobility) must be increased in the sense of a holistic consideration. This means that certain tasks must be considered not only in the context of the SAP basis, but also in the overall context.
Without this provisioning component, adjustments to employee permissions in the respective IT resources would have to be implemented by the relevant system administrators. However, manual provisioning processes are by their very nature a source of errors. If an employee's tasks change, the system administrator should consider all active user accounts when modifying and deleting accounts. A modern IDM system therefore helps companies to keep track of users and their permissions, especially in complex and heterogeneous system landscapes.
Many companies are struggling with the introduction and use of secinfo and reginfo files to secure SAP RFC gateways. We have developed a generator that supports the creation of the files. This blog post lists two SAP best practices for creating the secinfo and reginfo files to enhance the security of your SAP gateway and how the generator helps you do this. secinfo and reginfo Request generator Option 1: Restrictive procedure In the case of the restrictive solution approach, only in-system programmes are allowed. Therefore, external programmes cannot be used. However, since this is desired, the access control lists must be gradually expanded to include each programme required. Although this procedure is very restrictive, which speaks for safety, it has the very great disadvantage that, in the creation phase, links which are actually desired are always blocked. In addition, the permanent manual activation of individual connections represents a continuous effort. For large system landscapes, this procedure is very complex. Option 2: Logging-based approach An alternative to the restrictive procedure is the logging-based approach. To do this, all connections must be allowed first by the secinfo file containing the content USER=* HOST=* TP=* and the reginfo file contains the content TP=*. During the activation of all connections, a recording of all external programme calls and system registrations is made with the gateway logging. The generated log files can then be evaluated and the access control lists created. However, there is also a great deal of work involved here. Especially with large system landscapes, many external programmes are registered and executed, which can result in very large log files. Revising them and creating access control lists can be an unmanageable task. However, this process does not block any intentional connections during the compilation phase, which ensures the system will run non-disruptively.
The HANA database (in-memory database) is an in-house development by SAP and brings with it numerous innovations. For example, it is automatically monitored by the system. In addition, it stores not only operational (user-generated) data, but also system data for controlling application content as well as configuration tables.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
In addition to the existing features, there will be in the future such as SME-Cloud, SME-SAP-HANA/Databases, SME-Supplier-Management, SME-Security, SME-Compliance, SME-Landscape-Virtualisation-Management (SME-Landscape-Virtualisation-Management) and SMESolution-Manager.
When I began my career administering SAP ERP on Oracle in the early 1990s, running a database required far more knowledge.