Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

SOD rule set for Solman

Former Member
0 Kudos

Hi,

We have a requirement for creating rule set for Solman system in GRC 5.3, since SAP does not provide any statndard rule set for Solman I was hoping that you guys can guide me by,

a) Providing examples of common SOD violation in Solman

b) Sharing any rule set for Solman (if it is possible)

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Its workings and agents and services and trust dependencies are too complicated for mortals to build a tcode based SOD matrix for. That belittles the SOLMAN - rather get GRC to fix ALEREMOTE and BWREMOTE and WF-BATCH first, then consider taking on SOLMAN.

SOLMAN ist above GRC. It is omni-present. It is the illuminator of central solutions. It is all or nothing for the managed systems and CSMREG can normaly do that because of SAP Note 1646257...  😞

(however you thankfully can do your vanilla checks for basis auths and user admin vs. auths admin etc on SOLMAN, unless it is the CUA master and you have S_USER_SAS active with fixed SYSTEM users in the distribution model, in which case you need to know what you are doing and not rely on GRC to work it out within the SOLMAN..).

Cheers,

Julius

2 REPLIES 2

Former Member
0 Kudos

Its workings and agents and services and trust dependencies are too complicated for mortals to build a tcode based SOD matrix for. That belittles the SOLMAN - rather get GRC to fix ALEREMOTE and BWREMOTE and WF-BATCH first, then consider taking on SOLMAN.

SOLMAN ist above GRC. It is omni-present. It is the illuminator of central solutions. It is all or nothing for the managed systems and CSMREG can normaly do that because of SAP Note 1646257...  😞

(however you thankfully can do your vanilla checks for basis auths and user admin vs. auths admin etc on SOLMAN, unless it is the CUA master and you have S_USER_SAS active with fixed SYSTEM users in the distribution model, in which case you need to know what you are doing and not rely on GRC to work it out within the SOLMAN..).

Cheers,

Julius

0 Kudos

Hi Julius,

I usndersatnd that creation of t-code based matrix for SOD's in Solman is too complicated, so we are creating some basic SOD's according to process.

Example for Charm, I created SOD's based on B_USERSTAT object, however I am still stuck with creating SOD's for Documentation and Service desk processes. Appreciate if you can provide some insight of any coommonly present SOD's within these processes.