on 06-06-2007 9:59 AM
Hi
At present we are on R/3 46C,Oracle 8i, HP UX 11i.
Our exisiting H/W, OS and DB is being upgraded to meet the demand for future ECC upgrade. This upgrade is done by a seperate vendor.
Present:
SAP  KERNEL 4.6D 64-BIT
DB   ORACLE 8.1.7
OS   HPUX  11.11/PA-RISC
After the H/W,OS & DB upgrade, the configuration will be as below,
Future:
SAP   KERNEL 4.6D 64-BIT
DB   ORACLE 9.2 64-BIT
OS   HPUX  11.23/IA64 64BIT
After the successful upgrade, what are key checks that we have to perform from BASIS side to ensure that everything works fine before releasing the system to end users..
Pls drop your valuable thoughts on this regard.
regards,
Vinodh.
Hi Vinodhi!
Could You tell me something about de NEW SIZING of your equipment after movingo to ECC 6.0?
It means: You had an old environment and a new environment working simultaneuously by some time and I would like to know the physical differences between that environments ( Memory, Processors, Disk-Storage upgrade ).
Could you, also, report the answer for PRD and DEV SAP R/3 Boxes?
Best regards
Claudio Cirelli
Brasil
claudio.cirelli@terra.com.br
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sizing is always very dependent on number of users, size of database and many many other key factors. Each system and company is different.
Check
http://service.sap.com/quicksizer
and
Note 901070 - Resource requirements for SAP Enterprise Core Component 6.0
--
Markus
Hi Kumar,
You can do all the following actions.
Recommendation Resp.
47. The parameter rsau/enable should be set to one and appropriate audit profiles should be defined through transaction code SM19. BASIS
48. The parameter Login/min_password_lng should be aligned with enterprise wide policy and should be set to 8 characters. BASIS
49. The parameter Login/password_expiration_time should be set to at least 90 days. BASIS
50. User account SAP* should be deactivated and a different super user should be defined by taking the following steps:
§ Assign a new trivial password to SAP*;
§ Delete all profiles from the SAP* profile list so that SAP* has no authorizations;
§ Lock the user account SAP*;
§ Assign SAP* to the user group SUPER to prevent easy deletion or modification of its user master record; and
§ Define a new user with the SAP_ALL profile to make it a super user. BASIS
51. The parameter Login/failed_user_auto_unlock should be set to at least 0. This implies that the locked user accounts can be unlocked only by the system administrator. BASIS
52. To evaluate the requirement for user accounts to have access to these transactions and the access should be revoked, if not required.
§ PFCG (Role Maintenance)
§ RZ10 (Maintain Profile Parameters)
§ SCC4 (Client Administration)
§ SE01 (Transport Organizer (Extended))
§ SE38 (ABAP Editor)
§ SM04 (User List)
§ SM30 (Call View Maintenance)
§ SM50 (Work Process Overview)
§ SU01 (User Maintenance) BASIS
53. revoke SAP_ALL access from all additional users. Also, the management should formalize a periodic review process of all users defined on SAP to identify additional users and disable these user accounts. BASIS
54. review the users with SAP_NEW in their profile and restrict the number of users who have access to this critical profile BASIS
55. The configuration parameters for expiry of new/reset passwords should be configured appropriately in the production system as mentioned below:
login/password_max_new_valid (=< 30) login/password_max_reset_valid (=< 30) BASIS
57. Company code T001 should be defined as productive BASIS
58. The management should identify critical data or master tables, which needs to be logged. The parameter rec/client should be set to ON to enable logging for important fields within these tables. BASIS
59. If the table auditing is enabled, images of the table before and after are logged; rather than just the changes. Therefore, TCB should identify the tables that are to be logged so as to arrive at an optimum and manageable log volume before using this as part of a control solution. The management should also constitute a periodic archiving process for these logs. BASIS
60. The parameter Login/fails_to_user_lock should be set to at most 5 invalid attempts BASIS
61. T001 should identify commonly used passwords and populate the table USR40. BASIS
62. The parameter Rdisp/gui_logout should be set to 900 seconds. BASIS
63. The default passwords for the standard user account should be changed.
User account SAPCPIC
§ User account SAP*
§ User account DDIC
§ User account EARLYWATCH BASIS
64. Client copier protection should be set to level 1: No overwriting, to ensure that the production client cannot be overwritten by the client copy program. BASIS
65. review all customized tables and ensure that they have been assigned to appropriate authorization groups. BASIS
66. To identify all sensitive transactions in SAP and based on their usage, the transactions, which are not used on a regular basis, should be blocked using SM01. BASIS
67. The user creation and authorizations procedures should be modified to include reviewing the user authorization against the segregation of duties matrix to ensure that the users do not have any identified conflicts. If a conflicting combination of transactions is required due to business constraints, the same should be documented and approved by the management. Further, for such approved conflicts, mitigating detective controls should be developed. BASIS
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi ms r,
Thanks for your reply.
I would like to inform you that this upgrade is not at all related to R/3 version up. The things that you have mentioned here discuss about R/3 settings and configuration after new installation.
I trust that we don`t have to make any configuration settings at R/3 level except few parameter changes after an OS,DB version up.
regrds,
Vinodh.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
97 | |
11 | |
11 | |
6 | |
6 | |
4 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.