Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security Steps During Support Packs/Stacks

Former Member

‎04-23-2009 8:18 PM

0 Kudos

Hi, we are using ECC6 and will be implementing support stacks 18 and was wondering what steps are required for security. Aside from testing our roles and checking for sap notes, are there other steps that we have to do or check for?

Thanks in advance!

5 REPLIES 5

Former Member

‎04-24-2009 3:08 AM

0 Kudos

Locking and unlocking of users so that users cannot login into system while support packs are in progress.

Former Member

‎04-24-2009 4:47 AM

0 Kudos

How do I find out if new authorizations came with the support packs? How should this be handled?

Former Member
In response to Former Member

‎04-24-2009 6:22 AM

0 Kudos

Hi Litz,

Usually new authorizations are not introduced through support packs, they are brought in when an upgrade is done.During an upgrade, the new authorizations can be identified through one of the steps of SU25 -to be more specific through SU25 step C.

I'm not sure if there exist any txn through which you can validate the new authorization that has come in as a result of support pack upgrade similar to SU25.

Thanks,

Saby..

Former Member

‎04-24-2009 7:45 AM

0 Kudos

This message was moderated.

Former Member

‎04-27-2009 11:48 PM

0 Kudos

When new support packs come in SAP_NEW and SAP_ALL may be revised. SAP_NEW contains a list of authorizations which are new with those support packs. It contains a list by release. The previous SAP_NEW is overwritten. You can verify it by checking sap_new in two environments in which the support pack levels are different.

If you go to transaction su02 and enter SAP_NEW and choose generate work area choose it by clicking on it and then choose documentation you will get further information on this. You can further drill down on it

Alternatively, you can choose transaction SUIM and then profiles and By Profile Name or Text; enter sap_new in Profile and choose appropriate options. You will get a list of New Authorization Checks. In that expand your release and review.

Somewhere, I believe is SAP documentation it mentions that this must be reviewed with every support packs delivered. Once these authorizations have been dealt with, then sap_new can be removed from all users.

Hope this helps