Application layer
Site Reliability Engineering
A customized cloud for the most diverse requirements of medium-sized companies is an important backbone for business success. For this purpose, we accompany digitization projects of our customers from a wide range of industries on an equal footing.
Hosting environments and third-party offerings have also contributed to these improvements. Public cloud environments such as Azure and AWS provide a layer of abstraction that eliminates the difficult task of maintaining hardware that was required with SAP on-premises.
SE37 Function Builder
At best, for the time in which an emergency user is in service, a separate log of the activities undertaken is written, which can then be evaluated. In the following chapter I would like to explain our best practice approach to implementing an emergency user concept. Our approach to using an emergency user concept We have had good experience with the use of the Xiting Authorizations Management Suite (XAMS) in this area. This suite consists of various modules for creating role concepts, managing permissions including a permission concept, and also enables the implementation of an emergency user concept. XAMS works here with a limited time assignment of reference users with extended privileges to enable the emergency user concept. A self-service application may be made with a justification and a period for allocating special rights. The application window is illustrated in an example in the following screenshot: Evaluation of the use of the Emergency User Concept Once this request has been initiated, a new mode will be opened for the user, in which he can work with the extended rights. In addition, depending on the configuration, a stored workflow can be initiated as an approval process, or pre-defined controllers will be notified by email to verify activities. Once the session has ended with the emergency user, the responsible persons will receive another email with the logged activity of the user with the extended permissions. One of these logs is shown in the next screenshot: These logs can also be viewed in the system. Here you will get an overview of all the sessions that have been run. In addition, it is possible to approve activities with special rights after an evaluation. This allows the controller to get an overview of the activities undertaken with the emergency user. If you are using this Emergency User Concept and following these steps, you can ensure: Each user on the production system retains his or her original necessary rights.
If you want to get more information about SAP basis, visit the website www.sap-corner.de.
So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.
Tasks such as the update of components, the insertion of security updates or monitoring should be further automated. It is recommended to use only one automation tool (SAP Solution Manager or SAP LVM). Custom solutions and scripts should not be used or replaced with standard tools if possible, because otherwise different script languages and script versions will have to be managed, resulting in a lot of maintenance. Standardised SAP scripts are welcome here. A useful definition of thresholds, for example on the basis of historical system behaviour, must also be defined for monitoring.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.
However, especially with large SAP landscapes, there are strict regulations regarding the permissions of technical RFC users.
In deciding on one of the above concepts, the SAP basis must be included for the evaluation of various technological and operational aspects, which offers the possibility to develop a sound decision.