Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • SAP Security Administration Using ST01

    Загружено:

    Sindhuri Kilaru
    142 просмотров11 страниц
    ST01 is a tool in SAP that traces authorization checks and system activities. It allows security administrators to analyze which authorizations are needed for a transaction by capturing the executing ABAP code. ST01 can trace authorization issues as well as other functions like kernel processes, database access, RFC calls, and more. To use ST01, an administrator selects the user and transaction to trace, turns on the authorization check trace, and then analyzes the results to determine if any authorization failures occurred.

    Исходное описание:

    trace

    Оригинальное название

    10 ST01 Tracing

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    PPT, PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    ST01 is a tool in SAP that traces authorization checks and system activities. It allows security administrators to analyze which authorizations are needed for a transaction by capturing the executing ABAP code. ST01 can trace authorization issues as well as other functions like kernel processes, database access, RFC calls, and more. To use ST01, an administrator selects the user and transaction to trace, turns on the authorization check trace, and then analyzes the results to determine if any authorization failures occurred.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PPT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    142 просмотров11 страниц

    SAP Security Administration Using ST01

    Загружено:

    Sindhuri Kilaru
    ST01 is a tool in SAP that traces authorization checks and system activities. It allows security administrators to analyze which authorizations are needed for a transaction by capturing the executing ABAP code. ST01 can trace authorization issues as well as other functions like kernel processes, database access, RFC calls, and more. To use ST01, an administrator selects the user and transaction to trace, turns on the authorization check trace, and then analyzes the results to determine if any authorization failures occurred.

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PPT, PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 11

    SAP

    SAP Security Administration


    By Sravan

    SAP Advanced
    Troubleshooting

    ST01 is one of the primary tools in the SAP security administrators tool
    bag. ST01 gives us a peek inside the running ABAP program to reveal the
    SAP authorization concept in action by capturing the ABAP code executing
    the authority check against specific authorization objects.
    Although the security administrator uses ST01 for analyzing the
    authorizations needed for a given transaction, ST01 is not just for
    authorization traces
    If you dont know by now, the SAP authorization concept is implemented in
    SAP within the APAP code that executes behind every transaction code.
    The ABAP code looks at the authorization values that have been set for an
    individual by way of the role(s) that have been assigned to the user
    master record
    And then it compares those values to the values the program designer
    expects to validate, whether the user is authorized to run this program.

    SAP Advanced
    Troubleshooting

    ST01 (System Trace) used to recode the internal SAP system


    activities.
    Main usage: The system trace is primarily used when, one want to trace the
    authorization issues and analyze them.
    Apart from the authorization issues ST01 also provides the following features:
    Kernel functions
    Kernel module
    Database accesses (SQL trace)
    Table buffers
    RFC calls
    Lock operations (client side)
    Note: The last 4 components can also be monitored using Performance
    Analysis (transaction ST05).
    Click here to see how ST01 is used to find missing authorizations

    SAP Advanced
    Troubleshooting

    Step 1 : Type ST01 tcode and execute

    SAP Advanced
    Troubleshooting

    Step 2: Click Edit->filter-Shared to include for whom the trace is happening

    SAP Advanced
    Troubleshooting

    Step 3: Type the user name and then click right button
    to execute

    SAP Advanced
    Troubleshooting

    Tick the Authorization check as we are only tracing authorization check

    SAP Advanced
    Troubleshooting

    Step 5 : Switch on trace


    Note : Once trace is turned on, ask the user to login and perform the activity
    for which authorization check need to be traced

    SAP Advanced
    Troubleshooting
    Step : Start analyzing the trace

    SAP Advanced
    Troubleshooting

    IF
    Return Code (RC=0) 0 indicates the authorization was successful.
    Return Code (RC=4 or other than 0) 4 indicates the authorization was
    unsuccessful

    SAP Advanced
    Troubleshooting

    IF Return Code (RC=4 or other than 0) 4 indicates the authorization was


    unsuccessful
    ST01 code Description
    0 Auth check passed
    1 No authorization
    2 Too many parameters for auth check
    3 Object not contained in user buffer
    4 No profile contained in user buffer
    6 Authorization check incorrect
    7,8,9 Invalid user buffer

    Вам также может понравиться