Definition of workflows
In order to fully exploit the advantages of SAP NetWeaver as an integration platform, professional care and maintenance of the components by experienced SAP developers is indispensable. Only under these circumstances can IT operations meet the requirements and work quickly, flexibly, innovatively and cost-effectively.
Transporting transport orders from one system line to another or importing third-party transport orders into the SAP system is also an occasional task for an SAP basis administrator. As in my last blog post on system modifiability, I would like to offer you a way to quickly present this topic. So you will find a step-by-step guide which you can follow if you have already understood the content of the topic, but only the steps need to be taken. What are the requirements? Transport orders include two files, titled "data" and "cofiles". These files consist of a six-character alphanumeric combination and a file extension, which often represents the system from which the files were exported. The first character is always a K (the cofiles file) or an R (the data file). For our example we call the files K12345_DEV and R12345_DEV. These files are of course needed for an import into your own SAP system. Furthermore, you need access to the file system or the SAP directories, as they have to insert the above files there manually. In addition, the transaction STMS is required in the SAP system because it attaches the transport orders to the import queue. Now, if you have all of this available, we can start with the import: What is the procedure? Operating System Level Preparation. The first step is to copy the files to the transport directory of the SAP system. This is usually below /usr/sap/trans, but can be changed individually depending on the system. If you want to make sure that you are working in the correct directory, you can look in the transaction AL11 to see which directory is specified under "DIR_TRANS". This is the right directory to work on. Here the existing files are copied into it, namely the cofiles file (K12345_DEV) in the cofiles folder (/usr/sap/trans/cofiles) and the data file (R12345_DEV) in the data folder (/usr/sap/trans/data). Note: In this case, especially for companies with multiple systems on multiple servers, the access permissions and the file owner need to be changed so that the import in the target system does not cause problems.
SM35 Batch input: session overview
However, the tasks also include strategic and planning aspects. For example, administrators define requirements and standards, select and control upgrades or enhancements, implement monitoring processes, and take care of necessary backups and emergency management.
Remove weak password hashes from the system: Only updating the profile parameter does not provide you with the necessary security. There are still many weak hash values in your database that can be used to attack your system. These must be completely removed from the database. To do this, use the report CLEANUP_PASSWORD_HASH_VALUES. To do this, call the transaction SA38 and enter the name of the report in the input field. Run or F8 executes the programme and cleans your database Report CLEANUP_PASSWORD_HASH_VALUES This programme removes the outdated hash values across all clients. Have you already experienced this attack method or any other comments on this topic? Share your experiences with us in the form of a comment under this article.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems.
With the help of SNC, you can create end-to-end encryption (E2EE), which can be used to secure communication between two components, such as between the application server and SAP GUI.