Redirect to a url in case of logon failure
Dear security experts, in my current project we have a challenge to set up redirect url for failed logon attempt. The scenario is as below: there are 2 applications in the landscape: a Hybris...
View ArticleHow can i activate TLS 1.1+ on SAP AS JAVA 7.31 client-side?
I only know sap note"510007 - Setting up SSL on Application Server ABAP". If i apply the informations of this note to AS JAVA, "The built-in defaults for the client-side enables only SSLv3 + TLSv1.0...
View ArticleMass deletion of roles from users
I want to delete all roles from locked users. Is there a specific transaction for this instead of SU10? In SU10 one has to enter the roles to remove.
View ArticleSAP AS Java affected from commons-collection vulnerability?
Dear all, we are running an PI AEX (AS Netweaver Java 7.4) and I recently heard about this vulnerability: What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This...
View ArticleQuiz: understanding security policies in SAP (SECPOL)
Scenario:Imagine your SAP system (1 application server) is running with the following system profile parameter settings (RZ10): Kernel default values:login/min_password_digits = 0login/min_password_lng...
View ArticleEmail Alert Inquiry
Hello, Is it possible to send an email alert either via CCMS or Solman upon a succesful user logon from ABAP system. The trigger would be for a distinct list of users. The audit log is configured and...
View ArticleAssin.: erro "ssf_krn_invalid_par" na função SSFW_KRN_ENVELOPE
hello, after a homogeneous system copy, I get the following error on document certification:Assin.: erro "ssf_krn_invalid_par" na função SSFW_KRN_ENVELOPE I've found note "2015422 - Error...
View ArticleNo authorization to logon as a Trusted System (L-RC=0 T-RC=2)
Hello colleagues, Not sure if this is the right place to ask, as this is kind of connectivity and security issue at the same time.The issue is that I'm unable to Process an IDoc, whiich is arrived from...
View ArticleHow can I find the username of the person who assigned a role at the job level?
During my nightly user reconciliation job, 3 roles were assigned to numerous users within the same jobid. I need to determine, who assigned the roles to the job. Can someone please shed some light on...
View Articlemass generation of profiles of customize role in sap
Dear All, I am unable to generate mass profile for customize roles in SUPC.After pressing Generate button its showing "Choose at least One role".
View ArticleRestricting SM35 by Program Name
Dear All, Does anybody know a way to restrict what programs can be released/executed from transaction SM35. When I run a trace I find the below: UserProgram NameCheckResultObjectField 1Value 1Field...
View Articleimport_own_cert Installation of certificate failed
Dear Expert, We want to configure SSL for SAP Web Dispatcher and we have followed the following steps: 1.Create the Web Dispatcher Server PSE and generate a CSR sapgenpse.exe get_pse -p...
View ArticleAdding Multiple Users to a PORTAL Group
We are on Netweaver Portal 7.0. LDAP used to sync with R/3. Task is to assign PORTAL group to multiple users in PORTAL. Unable to find option where users can be assigned to the PORTAL group at one go....
View ArticleGraphical modeler - CRM Web UI
CRM Web UI.SAP CRM ABAP 7.0WEBCUIF 701 0006 SAP Web UI Framework When choosing a segment in a Marketing Campaign, then Edit Segmentation Model, I receive a message saying "You are not...
View ArticleMaster role set up
We are trying to set up master roles as well as derived roles off the master ones to give access only to certain company codes.Currently we are using a range of companies in the master role (i.e. AB01...
View ArticleClik here to view.
Tcodes description in menu is not visible
HI Folks , I have one serious problem in solman system that after adding the tcodes in the menu we are not able to see its description. although we have clicked the + button also Due to which its...
View ArticleWeblinks in the Menu tab of role is not visible !
Hi, Can anyone help me to know how weblinks description will be available in the menu tab of the role in sap?
View ArticleRestrict approver to approve his on requests
Hi, We are working on MDG Security for customer and I am new to security. We have a case where approver should not approve his own requests. How do we restrict that in SAP? Can anyone help?
View ArticleClik here to view.
Security Level of Kerberos / SPNego Algorithms?
Dear all,some algorithms got a bad reputation over lasts months and years. I am no algorithm expert but do some research on recommendations, standards and regulations to give some guidance to our...
View ArticleZero-Day exploit at Java lib Common Collections
Hi Gurus, I found the a post stating there is a Zero-Day exploit in the common collections function InvokerTransformer. Found by Gabriel Lawrence and Chris Frohoff shown in their presentation....
View Article