05-29-2009 10:21 AM
Dears,
We open OSS connections several times for SAP support in which we also provide login credentials to SAP to login in our system.
Is there any standred roles or profile for this user in QAS and PRD that we can give to maintain our servers confidentiality.
Please suggest.
Shivam
05-29-2009 10:26 AM
Not really. A note related to your question popped up in a previous discussion:
> If you take a look at [SAP Note 1118396 - Roles for support activities|https://service.sap.com/sap/support/notes/1118396] you will see this explained nicely...
05-29-2009 10:28 AM
Hi
while opening the connection to the users it all depends on the need as to actaul access we need to give the user id with SAP_all authorizations so that the concern can easily workout accordingly else he needs to ask you for the authorizations again and again which will be time consuming and all
make the login id le SAPSUPPORT and give him role as SAP_All n New as required
Thx
Shilpa
05-29-2009 10:45 AM
Hi,
I am not sure if there is a SAP delivered role for such a requirement that you can copy. You can also build the role (usually an application role) from scratch. However, the approach is usually to limit access to "Display" on production environments. In DEV & QAS, it's upto what your customer deems is safe.
We have SAP FF to work with our production environments and all transactions are logged and audited.
- Avinash
05-29-2009 10:58 AM
Dear Shivam,
SAP has already addressed your concern with Solution Manager.
If solution manager is available at your site, Remote support technician will have read access only to data which is necessary for troubleshooting.
Rgds,
Mat.