11-10-2008 3:29 PM
Hi gurus,
I want to ask a question. We want to implement the security suggestions in SAP Web AS Security guide. In section "Protecting Standart Users", it tells about the user group SUPER.
When I searched in the system there is no user group called SUPER. Are we going to create the SUPER user group manually?
Best Regards
Tolga AKINCI
11-10-2008 4:41 PM
> Are we going to create the SUPER user group manually?
That depends on you. You can do this in tcode SUGR.
Unfortunately the group name was hardcoded in certain places using value 'SUPER', which in my opinion was (as hardcoding seldom is) not wise.
What works quite nicely is a naming convention, for example:
ZZZ9 - Standard Super Users.
ZZZ8 - Own Custom Emergency Users.
ZZZ7 - Standard RFC Users.
ZZZ6 - Own Custom RFC Users.
ZZZ5 - System Job Users.
ZZZ4 - Business Job Users.
...
etc etc.... keep going until you reach 'ZIMBABWE', in which case you should stop if you are using country names as user groups...
Cheers,
Julius
11-10-2008 4:41 PM
> Are we going to create the SUPER user group manually?
That depends on you. You can do this in tcode SUGR.
Unfortunately the group name was hardcoded in certain places using value 'SUPER', which in my opinion was (as hardcoding seldom is) not wise.
What works quite nicely is a naming convention, for example:
ZZZ9 - Standard Super Users.
ZZZ8 - Own Custom Emergency Users.
ZZZ7 - Standard RFC Users.
ZZZ6 - Own Custom RFC Users.
ZZZ5 - System Job Users.
ZZZ4 - Business Job Users.
...
etc etc.... keep going until you reach 'ZIMBABWE', in which case you should stop if you are using country names as user groups...
Cheers,
Julius
11-10-2008 5:08 PM
"Protecting Standard Users" - protecting SAP* , DDIC ( and probably EARLYWATCH) IDs which are super users default by SAP.
I agree with Julius, however we have created SUPER group in our implementation and it works fine.
Regards,
Zaheer