Introduction
A security policy is a collection of security policy attributes and their values. This definition replaces the definition of behavior with profile parameters: once a security policy is assigned to a user master record, this determines th...
Risk zone !
The password hash algorithm used by ABAP based systems had evolved over time. Older hash algorithms are seen as weak nowadays and you should get rid of any such weak password hashes.
References:
Blog SAP password hashes security from...
The Security Optimization Service (SOS) is designed to check the security of your SAP system (see Introduction to Security Optimization Service (SOS) – Security health Check report).
The SOS report shows two tables with results and findings.
In the...
You can increase the security of your system landscape with the Trusted RFC concept (see Trusted Systems: Maintain Trust Relationships Between SAP Systems). This blog describes how Trusted RFC can be configured securely.
Some well-known impacts of i...
You can use SAP NW Identity Management to develop a central password self-service applications which can be used by all users to set their password in various backend systems. Well, I agree that implementing Single Sign-On is always better than deali...
>Hi @Frank_Buchholz, due to the latest SAP Community update,>the layout of your blog post looks horrible now (huge blank spaces),>if you don't mind could you fix it please?@Sandra_Rossi Ho Sandra,I've no idea what I can do about this ugly change: I c...
Hi Diego,
yes, I'll talk about this note in the monthly Security Notes Webinar (13.12.2023 ASUG / 14.12.2023 Enterprise Support and DSAG) and will tell something like this:
If you just use BTP services (as in SAAS scenarios) but not develop own app...
Today I posted a fix on GitHub about the extra green icons in the PWDSALTEDHASH column that are showing up in some cases for the USH02 table. The problem is even visible in the screenshot above, where you see three icons for the entries with code ver...
Thank you for your comment. I guess it's a program error: WHEN 'snc_per_logon.sncMode' OR 'snc_base_info.mode'.
usr_tabl_alv-snc_mode = usr_info-value.
tmp_field_col-fieldname = 'SNC_MODE'.
tmp_field_col-color-in...
Let's check some code:- The report R_JR_BTCJOBS_GENERATOR belongs to package "Technical Job Repository". The report generates standard jobs. I could imagine that this includes a RAL job.- The Security Audit Log message BU0 "RAL configuration access: ...