Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

What are the security post refresh procedures in general?

Former Member
0 Kudos

Hi,

Can anyone list me out What are the security post refresh procedures in general?

Thanks and Regards,

Damanaidu J

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hi Damanaidu

Why don't you post the activities you have already identified and then we can add to / comment on what you have already got?

8 REPLIES 8

Former Member
0 Kudos

Hi Damanaidu

Why don't you post the activities you have already identified and then we can add to / comment on what you have already got?

Former Member
0 Kudos

Hi,

As rightly said by Alex please let us know the activities that you've identified.

In general,it is very important to import the user master data without which the user would not be able to log in.

In case of development systems you should also import the developer access key.

Thanks,

Saby..

0 Kudos

We do the refresh of the Production shadow copy. Before the actual activity we take the backup of the profiles and later scheduled to sync split activities by running the refresh scripts. After these jobs we do some activities which are not relevant to my question. After completion of these activities we inform the security team to perform security post refresh procedures. Other than user master data import what are the other activities the security team does or supposed to do as a part of security post refresh activity.

Thanks and Regards,

Damanaidu J

0 Kudos

>

> We do the refresh of the Production shadow copy. Before the actual activity we take the backup of the profiles and later scheduled to sync split activities by running the refresh scripts. After these jobs we do some activities which are not relevant to my question. After completion of these activities we inform the security team to perform security post refresh procedures. Other than user master data import what are the other activities the security team does or supposed to do as a part of security post refresh activity.

>

> Thanks and Regards,

> Damanaidu J

Do you have CUA or HR position base security? If so, there are quite a few steps. Let me know and I'll post my reply.

0 Kudos

Hi,

Can you cite with respect to CUA.

Thanks and Regards,

Damanaidu J

0 Kudos

>

> Hi,

>

> Can you cite with respect to CUA.

>

> Thanks and Regards,

> Damanaidu J

CUA

====

CUA behaves differently during a system/client copy and this is the approach we took and it was successful. The goal is to take a backup of the source before CUA deletion then restore. Do not delete CUA and just attempt to rebuild it, all the roles will be gone. Backup and restore will be the approach I recommend.

a1. Take a snap shot of your QA user and role assignments before copy.

1. (Basis) First make a backup of the source system. This is important before step 2.

2. After successful backup delete the CUA from the source system.

3. After successful copy to target system, restore backup to source system.

4. Depending how the copy was done, users and passwords should be in the target system but all the role assignments will be gone.

5. Start assigning roles base on your requirements. If you need to restore the old QA settings that is captured in a1.

Perhaps others can add in other steps I might have missed.

Good Luck!

0 Kudos

Hi John,

Well, can you differentiate the procedures between CUA and HR positon base security.

Thanks and Regards,

Damanaidu J

0 Kudos

>

> Hi John,

>

> Well, can you differentiate the procedures between CUA and HR positon base security.

>

> Thanks and Regards,

> Damanaidu J

Sorry I missed a step. Please add step 4a.

Step 4a - Build CUA in target system/client.

Steps with HR position base security

=============================

The steps should be the same with the exception of assigning roles on the target client. It really depends on your requirements. In our case we want the target to look like the source, so we have to run RHPROFL0 to assign back all the HR base position after the refresh.

Regards,

-John N.