Disabling STAD recording using the S_ADMI_FCD auth...

Former Member · ‎11-18-2009

Hi,

Actually i recently came to know that by using the authorization object s_admi_fcd - Basis Administration, and using the AUDA authorization, it is possible to stop the logging of the user actions in STAD transaction.

Is it possible to somehow stop this from happening except role definition. I mean is there some user exit that can be used that gives us the capability to stop disbaling the STAD recording.

Thanks and Kind Regards,

Gaurav.

Former Member · ‎11-18-2009

<complete_nonesense_removed_by_moderator>

Edited by: Julius Bussche on Nov 18, 2009 11:41 AM

Former Member · ‎11-18-2009

Hi ASADUZZAMAN,

Thanks for the solution, but this will work by controlling the access. I mean we need a role which excludes the STAD transaction. This I already knew this, but is it somehow possible that we enable the STAD transaction, but stiil prevent the user from disabling the Recording process.

Thanks and Kind Regards,

Gaurav.

Former Member · ‎11-18-2009

<complete_nonesense_removed_by_moderator>

Edited by: Julius Bussche on Nov 18, 2009 11:41 AM

Former Member · ‎11-18-2009

Hi ASADUZZAMAN,

Thanks again, but still this is a role based solution. I am already aware that via role we can restrict the user, but my question is that if the user has the authorization and we still need to prevent him from disabling the recording.

Are there any User exit available at the STAD transaction level which helps us, where we can write some code so as to programmatically restrict the user from disabling the recording.

If this is possible then we can have a authorization independent solution.

Thanks and Kind Regards,

Gaurav.

Former Member · ‎11-18-2009

What happenned ?

Edited by: shilamoni on Nov 18, 2009 6:09 PM

Former Member · ‎11-18-2009

> Actually i recently came to know that by using the authorization object s_admi_fcd - Basis Administration, and using the AUDA authorization, it is possible to stop the logging of the user actions in STAD transaction.

How did you come to "know" this?

Possibly you are refering to the navigation from the output menus. These are protected by the following check, as are many reports and jump options into RZ11:

    AUTHORITY-CHECK OBJECT 'S_ADMI_FCD' ID 'S_ADMI_FCD' FIELD 'PADM'.
  IF SY-SUBRC <> 0.
    RAISE NOT_AUTHORIZED.
  ENDIF..

If you can see a way into the audit log administration from STAD, then the AUDA and AUDD checks is also accompanied by a check agains S_C_FUNCT which gives you the option of display or change mode for SM18 - SM20N * reports.

If you search OSS you will find the note explaining the values, or read the comments in the code.

Cheers,

Julius

Former Member · ‎11-18-2009

Hi Julius,

Thanks for the reply. Does this mean that the user can't possibly disable the STAD recording for user actions? If no, could you please let me know, how this is can be doen and how can we stop this from happening.

Kind Regards,

Gaurav.

Former Member · ‎11-18-2009

> Does this mean that the user can't possibly disable the STAD recording for user actions?

In STAD, is the user stopping the recording by changing parameters (see my above answer) or by flooding the filesystem or blocking the collector jobs or the ultimate low-tech DoS attack by smashing the server with a sledge hammer?

Please be more specific. The PADM check would normally be the correct one to be carefull of.

Cheers,

Julius

Former Member · ‎11-18-2009

What happened with my previous post

ASADUZZAMAN

Former Member · ‎11-18-2009

I removed them because they made no sense, and were "linkfarming" to a document which made even less sense...

Cheers,

Julius

Disabling STAD recording using the S_ADMI_FCD authorization object