05-13-2010 12:02 AM
Could someone advice me about SAP NOTE 1298433 Security note: Bypassing security in reginfo & secinfo
In my opinion this error correction must be done carefully due could be a risk during the execution of jobs that use external programs causing that jobs finish with errors, losing files or external programs unable to connect
We have received news from others customers that have applied this change and they have had some issues, where external programs where unable to connect, there was such a flood of them at once at the end the client requested to disable this for now, as they are controlling their environment for this with their firewalls.
05-13-2010 2:59 PM
Hi,
I would suggest to dynamically set the parameter and check the external connections using the function module TH_CHANGE_PARAMETER as mentioned in the note 1298433.
This would ensure you dont run into issues as you suspect.
Regards,
SR
05-13-2010 3:14 PM
Have you had implemented that note, if is ok could you share your experience
Thanks in advance
05-18-2010 9:59 PM
A likely cause of failure is that you restricted the user-hosts in secinfo without maintaining reginfo.
Absence of reginfo defaulted to secinfo settings, but that is somewhat contradictory as they service a different purpose.
Please describe the scenario of your concern? Particularly, are you using any IS-solutions or have background processing "balanced" onto a specific server?
Can you locate it to a reginfo problem in combination with a router?
Firewalls between the server network and the clients is good, but not very scalable as the firewalls are generally rather blunt and don't understand application logic. Network security folks seldomly understand SAP as well and don't really like maintaining SAP related network devices.
Cheers,
Julius