SAP NOTE 1298433 Bypassing security in reginfo & s...

Former Member · ‎05-13-2010

Could someone advice me about SAP NOTE 1298433 Security note: Bypassing security in reginfo & secinfo

In my opinion this error correction must be done carefully due could be a risk during the execution of jobs that use external programs causing that jobs finish with errors, losing files or external programs unable to connect

We have received news from others customers that have applied this change and they have had some issues, where external programs where unable to connect, there was such a flood of them at once at the end the client requested to disable this for now, as they are controlling their environment for this with their firewalls.

Former Member · ‎05-13-2010

Hi,

I would suggest to dynamically set the parameter and check the external connections using the function module TH_CHANGE_PARAMETER as mentioned in the note 1298433.

This would ensure you dont run into issues as you suspect.

Regards,

SR

Former Member · ‎05-13-2010

Have you had implemented that note, if is ok could you share your experience

Thanks in advance

Former Member · ‎05-18-2010

A likely cause of failure is that you restricted the user-hosts in secinfo without maintaining reginfo.

Absence of reginfo defaulted to secinfo settings, but that is somewhat contradictory as they service a different purpose.

Please describe the scenario of your concern? Particularly, are you using any IS-solutions or have background processing "balanced" onto a specific server?

Can you locate it to a reginfo problem in combination with a router?

Firewalls between the server network and the clients is good, but not very scalable as the firewalls are generally rather blunt and don't understand application logic. Network security folks seldomly understand SAP as well and don't really like maintaining SAP related network devices.

Cheers,

Julius

SAP NOTE 1298433 Bypassing security in reginfo & secinfo