Provision resources in minutes instead of weeks
SAP Basis Service
A well-cared-for emergency user concept enables the audit-proof allocation of extended permissions in combination with the assurance of daily operations in your company. This article first addresses the fundamental issues that require an emergency user approach. It then briefly explains how such a concept works in general and how we implement it. An Emergency User is normally used when tasks are temporarily taken over outside the initial field of activity. I described the different scenarios of when such a user can be used and how to deal with them in this blog post for you. Why is an emergency user approach important? There are several scenarios in which the use of an emergency user with extended rights is useful: In urgent cases, it is often necessary to be able to quickly make changes to the system that are outside the user's actual field of activity. A key user who has the necessary permissions is on vacation and needs a representation. The same user suffers short-term illness and his/her representative must take over his/her duties to ensure the operation. We recommend developing a concept for the short-term allocation of the additional permissions. This will ensure the implementation of the above scenarios. How does an emergency user approach work? An emergency user concept in SAP works fundamentally via a temporary assignment of additional rights to a specific user. After the tasks have been completed, the user is deprived of the rights. The tasks performed with the extended permissions are logged and can then be evaluated by an auditor. However, there are a few things to keep in mind: A process for granting special rights should be defined. It must be specified which users can get special rights. The time period for which users can request an emergency user should be limited.
When I began my career administering SAP ERP on Oracle in the early 1990s, running a database required far more knowledge. An Oracle administration expert with a decade of experience understood perhaps only about 5% of what the database required.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
AL08 System-wide list of user sessions
To evaluate the log files, please use transaction RSAU_READ_LOG. If you archive the security audit log files you can read them using transaction RSAU_READ_ARC.
SAP Basis is structured as a classic three-tier model. It contains the following components:
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
Many companies are struggling with the introduction and use of secinfo and reginfo files to secure SAP RFC gateways.
The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
The activities with the emergency user are logged in a revision-proof manner.