RE:[sap-security] SAP Security
Posted by
Admin at
|
Share this post:
|
|
0 Comments
Posted by SAP_Secure(SAP NW Security Consultant)on 06/18/2009 12:38:00 AM
Hi Taurian
As mentioned, sap_all is like playing with a stick of dynamite since it gives so much access within sap. In addition to restricting PFCG/su01 authorizations, you will also need to pay atention to spro access and OY20 - OY28 tcodes which relate to ID's/roles and for sm59 you can go drill down from the WExx tcodes and get to RFC maintenance without going thru sm59 atleast within ERP2005 versions. You could set up a Display only access but not sure if they would be useful and again, that is still alot of access even for Display only.
Chris sugg __.____._
Copyright © 2009 CEB Toolbox, Inc. and message author.
Toolbox.com
4343 N. Scottsdale Road
Suite 280
Scottsdale, AZ 85251
Toolbox.com
4343 N. Scottsdale Road
Suite 280
Scottsdale, AZ 85251
Related Content
In the Spotlight
White Papers
In the Spotlight
How Can Predictive Analytics Drive Competitive Advantage? Find out here
View this post online
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
