10-14-2010 4:05 PM
Friends,
We are going through a Support Pack installation not Version Upgrade
What is the usual security practice during support pack installation?
As per my previous experience,
Security is not involved in support pack installation until there is an authorization issue during testing and we just fixed authorization issues(If they arise) when required
Version upgrade is when we really used the SU25 utility and regenerated all the roles and tested them.
Please advice on what you all do during Support Pack Installation
Thanks in advance
LK
10-14-2010 4:52 PM
You are on right track. Support pack installation do not impact "roles and authorisations".
If you are in doubt, run "side effect" report and go applicable notes.
Regards,
Krishna
10-14-2010 4:52 PM
You are on right track. Support pack installation do not impact "roles and authorisations".
If you are in doubt, run "side effect" report and go applicable notes.
Regards,
Krishna
10-14-2010 5:13 PM
Hi
You can check the security guide of your product version. The security guide of SAP products are always updated according with the SP level installed.
You can check the changelog of your SP level in the security guide to check what changed.
10-14-2010 6:12 PM
There are several places where the security personnel would be involved in a support pack installation:
1. Security related notes (fixes to security functionality)
2. Functional related notes with security implications (such as updating authorizational requirements)
3. Changes or enhancements to functionality
4. Security support for the implementation
Personally, I pull a list of everything in the support pack and go through anything that is specifically listed as security and then spot check everything else. Anything I find, I personally test before releasing it out for regular unit test or UAT.
10-15-2010 6:54 AM
Hi JK,
Good Practice to apply Support Packages is , don't apply them directly to PRD Server because there can be some negative effects.
There are some points which you should keep in mind before applying SPs:
1. Offline database backup.
2. NT State backup
3. USR Folder backup
4. Check open transport Request
5. Client checking
6. Checking updates
7. Lock users on all clients for a specific server.
8. SC06- Change components from non-modifiable to modifiable.
While applying SPs we must have a strong ABAP + Functional team.
Thanks & Regards
Disha Gupta
10-15-2010 8:57 AM
Hi,
also if you 'only' apply supportpackages, SU25 is advisable!
b.rgds, Bernhard