transacciones was

Transaction Description

TADM10_1

1 SESSION_MANAGER Initial transaction in SAP standard menu

2 SICF ICF Administration (Services)

3 SMICM ICM administration4 SU3 Maintain Users Own data

5 RSPFPAR Display System Parameters

6 SM04 Monitor users per instance7 SU01 User Maintenance8 PFCG Role Maintenance Tool9 SE43 Area Menu Maintenance

10 SE16 Display and Create Table Contents11 SM30 Maintain Table Views12 SBWPSO01 Business Workplace13 SMW0 SAP Web Repository Image Upload14 SIGS IGS Administration15 SM51 Shows Instances of the system 16 SMMS Message Server Monitor17 SMGW Gateway Monitor18 SM50 Shows processes of an instance

19 SM66 Shows processes of an instance (global)20 ST02 SAP Memory

21 SP01 Spool and Output Requests Administration

22 SP02 Spool Requests Administration23 SM36 Creation of Jobs24 SM36WIZ Creation of Jobs (wizard)25 SMX Job Monitoring (own jobs)26 AL08 Monitor users per system27 ST07 Monitor users per instance by application28 ST06OS06 OS Monitor29 RZ03 CCMS Control Panel30 ST11 Startup Error Log Files31 AL11 SAP Directories amp Env variables32 SM35 Batch Input Overview and Monitoring33 SM02 System Messages Administration34 SE37-gt TH_POPUP Function to send messages to a user35 RZ11 System Parameters (1 at the time)36 RZ04 Operation Modes37 SM63 Operation Modes Time Table38 STRUSTSSO2 Trust Manager for Logon Ticket39 SPRO SAP Customizing through IMG

40 SPRO_ADMIN SAP Customizing Project Administration41 SCC4 Client Administration42 SE09SE10 Transport Organizer43 STMS TMS Configuration44 ABAPDOCU Abap Documentation45 SE13 Dictionary - Technical Settings46 SE14 DB Utility (to create tables in DB)

TADM10_2

47 SITSPMON Internal ITS Status

48 SICFRECORDER

49 SMLG SAP Logon Groups

50 SU5651 SUGR Group maintenance52 SE43 Area Menu Maintenance53 SSM2 Set Initial Area Menu Systemwide54 SU10 Mass Changes for Users55 SU02 Authorization Profiles

56 SU0357 SU53 Check Failed Authorizations58 ST01 System Trace (User Authorization Trace)59 PFUD User Master Data Reconciliation60 SUIM User Information

61 SECR

62 SM20 Analysis of Security Audit Log

63 SM1964 SM59 RFC Destinations65 SM58 Transactional RFC66 SMQ1 qRFC (outbound queue)67 SMQ2 qRFC (inbound queue)

68 RSRFCCHK69 RSARFCLD Report that gets and sets RFC quotas70 BD64 Distribution model 71 WE20 Partner profiles

72 WE21 Port definitions

enables developers and administrators to identify and correct sources of error in failed service calls by recording HTTP requests

Every user can display his or her own user buffer with this transaction

Authorization Objects and Authorizations Maintenance

The Audit Information System (AIS) is an auditing tool that can be used to analyze security aspects of SAP the AIS is now delivered with a series of roles

Security Audit (Static and Dynamic Configuration)

List each RFC destination and the user involved

73 WSADMIN74 BAPI BAPI browser (40) 75 SWDD Workflow Builder76 SWUI_DEMO Wokflows Demos77 RMMAIN78 SALE79 BD5480 SLDHTMLGUI81 RZ7082 SLDCHECK83 RZ2084 RZ21

SAP WAS 640 and higher also provides the WebService Framework which allows you among other things to declare individual modules as web services

Transactions as they appeared on course TADM10TADM12 November 2009

WAS Administration Transactions

Transaction Navigation Notes

SESSION_MANAGER Initial transaction in SAP standard menu

SEARCH_SAP_MENU

SEARCH_USER_MENU

Shortcut in Command Field

n Cancel the current transaction

nXXXXo Display an overview of sessions

oXXXX

nend

nexi Delete the session you are currently usingsc Search a string in a screen pagepc Download a document to your desktop$sync SAP buffer reset$sync all SAP buffer resetSMW0 SAP Web Repository Image Upload

SAP Administration and Configuration

SM51 Shows Instances of the system Shows requests in dispatchers queueSM50 Shows processes of an instance

SM66 Shows processes of an instance (global)SM04 Monitor users per instanceAL08 Monitor users per system

ST07 Monitor users per instance by applicationST02 SAP MemorySM12 SAP LocksSM13 SAP UpdatesSM14 SAP Update AdministrationSM21 SAP LogsST22 SAP DumpsAL11 SAP Directories amp Env variablesSMLG SAP Logon GroupsST11 Startup Error Log Files

RZ03 CCMS Control PanelSICK SM28 SAP Consistency CheckSM01 Transaction Code Administration Lock Unlock of transactionsSM02 System Messages AdministrationSE37 -gt TH_POPUP Function to send messages to a userRZ04 Operation ModesSM63 Operation Modes Time Table

search the corresponding menus for the predefined text pattern in sap menu

The users and SAP menus can be structured in a pretty complex way It is then difficult to remember the exact path for the transaction you are looking for The search result is prepared in a list view from which you can take the navigation path

search the corresponding menus for the predefined text pattern in user menu

Call transaction XXXX directly from another transaction

Call transaction XXXX in a new session directly from another transaction

End the logon session with a confirmation dialog box

End the logon session without a confirmation dialog box

Initialize and stop instances trigger manualy operation modes

SR13SSAA System Administration Assistant

SLG0

SLG1

SLG2

SCU3 Table Changes Log

SMGW Gateway MonitorSIGS IGS AdministrationST06OS06 OS Monitor

Batch Input

SM35 Batch Input Overview and Monitoring

SAP Archiving

SARA Archive AdministrationFILE Logical Path File Definition for ArchivingDB15 Tables and Archiving Objects Relations

SAP Parameters and Profiles

RSPFPAR Display System ParametersRZ10 System Parameters AdministrationRZ11 System Parameters (1 at the time)SAPPFPAR Shows profile parameters OS Command

SMICM ICM administrationSICF ICF Administration (Services)

SICFRECORDERSITSPMON Internal ITS Status

Mail and Collaboration ToolsSBWPSO01 Business Workplace

Monitoring Notes

SAP HELP and Documentaion Configuration

Use transaction SLG0 to define entries for your own applications in the application log

The application log includes application messages just as the system log includes system messages It is used heavily in SAP APO the SAP SCM Event Manager and Warehouse Management The log traces application events and tasks and reports on their activity (for example transfer of data from SAP ECC to SAP APO) The application log is used to trace who initiated the transfer when the transfer was madeand what was transferred

Old application logs can be deleted in transaction SLG2

Internet and Browser-Based Administration


RZ20 CCMS MonitoringRZ21 Configuracioacuten del CCMS monitoring

GRMG Generic Request and Message Generator

ST03G

STATTRACE

STAD

ALRTINBOXSALRT1 RFC destination for Central Alert ServerALRTCATDEF Alert Categories Management

SA38 -gt RSTBHIST

ST10STUN Performance Monitoring Menu Set of monitoring toolsSMMS Message Server Monitor

SAP Office and Communications

SBWP SO01 SAP Business WorkplaceSE37 --gt th_popup Sends personalized popup messages to usersOSS1 Log On to SapNetSM55 THOST Table Maintenance

Database Administration (Oracle)

DB01 Database LocksDB02 Database Space OverviewDB03 Log of database parameters changes

DB05

DB12 Backup log overview

DB13 DBA planning calendar

DB13C Central DBA planning calendar

Global Workload Monitor displays Java statistical records that are used for performance monitoring

The SAP WAS Java can write distributed statistics records (DSRs) that can trace actions that are processed using non-ABAP components such as WAS Java Business Connector (BC) and ITS The writing of the statistics records is activated when the SAPCCMSR agent is registered and the standard job SAP_COLLECTOR_FOR_NONE_R3_STAT is started in ABAP

If you find errors in the Global Workload monitor you can analyze these using the performance trace (also known as the functional trace) The performance trace provides a finer granularity than DSR

SAP Workload Business Transaction Analysis

The Alert Inbox is an application based on BSP which calls the URL httphostportsapbcbspsapalertinbox

Auto-reaction method CCMS_Send_Alert_to_ALM forwards alerts for assigned monitoring architecture nodes to the ALM This method is similar to CCMS_OnAlert_Email with which you can define an automatic alert notification A difference is that when you are forwarding alerts to the ALM you no longer need to specify the sender and recipient in the method definition

Obtain a list of those tables that are currently set to be logged

Performance Analysis Table Buffer Invalidations

Analysis of table with respect of Indexed fields

lets you view backup results and the status of the archive directory Provides recovery report checking if all backups are available to perform a restore and recovery

Schedules backups and other administrative jobs in the database system

Schedules backups and administrative activities centrally for several SAP systems and databases

DB14 DBA Operations MonitorDB16 Overview of database checks

DB17 Configuration of database checksDB20 maintain statisticsDB21 configuration of statistics

DB24DB26 database parameter overview

DB02 Tables and Indexes monitor

ST04 Database Performance monitorST04N New Oracle database monitor

RZ20 Database Alert monitor

RSORATAD determine the index storage quality

D BACOCKPIT See note 1028624

RFC Notes

RZ12 RFC Server Group MaintenanceSM59 RFC DestinationsSM59_OLD RFC DestinationsSM58 Transactional RFCSMQ1 qRFC (outbound queue)SMQ2 qRFC (inbound queue)SMQ3 qRFC (saved e-queue)SMQA tRFCqRFC Confirm statusSMQE qRFC AdministrationSMQR qRFC Monitor (QIN Scheduler)SMQS qRFC Monitor (QOUT Scheduler)RSARFCLD Report that gets and sets RFC quotasRSARFCSE Execute ARFC as background jobSABP0000SABP0003 customize interval of RSARFCSE

RSRFCCHK

Printers

SPAD Spool Administration

SP01SP02 Spool Requests AdministrationSP11 List objects in TemSeSP12 TemSe Administration

Web Services Notes

Checks the status and logs of all database operations including backup monitoring updates of the optimizer statistics and database checks

View and maintain check conditions used by a database system check

Logs for Administrative Database Operations

Monitors the storage behavior of the database and the status of the database objects

Displays the most important indicator for Oracle database performance

Monitors all preset alerts for different areas of the database

this report is called directly in transaction se38

This transaction replaces various transactions previously used for monitoring and administration

ST04OLD DB02OLD DB12OLD DB13OLD DB14OLD

In WAS 70 all previous transactions have been renamed to ltPrevious transaction codegtOLD


Spool and Output Requests Administration

WSADMIN

ABAP Development Workbench

SE80 Abap Object NavigatorSE38 Abap - Program EditorSA38 Abap - Program ExecutionSE11 Abap Dictionary EditorSE12 Abap Dictionary DisplaySE13 Dictionary - Technical Settings Define technical features of tablesSE14 DB Utility (to create tables in DB)SE16 Display and Create Table ContentsSM30 Maintain Table ViewsSM31 Maintain Table ViewsSD11 Abap Data ModelerSE93 Maintain TransactionsABAPDOCU Abap Documentation

Change and Transport System

SPRO SAP Customizing through IMG

SPRO_ADMIN SAP Customizing Project AdministrationSE09 Transport Organizer Create and Release of change requestsSE10 Transport Organizer Create and Release of change requestsSE01 Transport Organizer (Extended View)STMS TMS Configuration Create Systems Transport Routes and QA

SE06SE03 Transport Organizer ToolsSPAM Support Package Manager Application of Support PackagesSAINT Add-On Installation ToolSPDD Modification Adjjustment Dictionary

SPAU Modification Adjjjustment (other objects)SE95 Modification BrowserSNOTE Note Assistant

dico Hard reset of TMS

Client Administration

SCC4 Client Administration same as table T000SCCL Local Client CopySCC9 Remote Client CopySCC1 Copy Customizing Change RequestSCC5 Delete ClientSCC8 Client ExportSCC7 Client Import Post-processingSCC3 Client Copy LogsSCU0 Customizing Cross-System ViewerSCMP ViewTable System Comparison

Jobs Administration

SM36 Creation of JobsSM36WIZ Creation of Jobs (wizard)SM37 Job Monitoring


Intitialize transport tables and sys-change-option button

This is not a transaction It is a key that must be entered in the command field of transaction STMS

SM62 Events MaintainanceSM64 Trigger of eventsSM69 Mantener comandos OSSM49 Ejecuta comandos OSSM61 Create Job GroupsSMX Job Monitoring (own jobs)

LDAP Administration

LDAP Directory Service Connection

License Administration

SLICENSE SAP License AdministrationLICENSE_ADMIN License Administration Workbench

SLAW License AuditingUSMM System Measurement Transaction

Installation and Upgrade

(OS) -gt SAPINST SAP Installation(OS) -gt SAPUP SAP Upgrade - Abap(OS) -gt SAPJUP SAP Upgrade - JavaICNV Table Incremental Conversion

SAP Workflows

SWDD Workflow Builder

SWXFSWUI_DEMO Wokflows Demos

Application Link Enabling (ALE) Notes

WEDI Idoc basis WE02 Display idocs WE05 Monitoring of idoc lists WE07 Idoc statistics WE12 Inbound processing of outbound file WE14 Outbound processing from idoc

WE15WE16 Inbound processing of idoc file WE19 Test tool inbox WE20 Partner profiles WE21 Port definitions WE30 Idoc type editor WE31 Idoc segment editor WE42 See Inbound Process Code tableWE46 Idoc administration WE47 Status maintenance

WE57WE60 Documentation for idoc types WE61 Documentation for idoc record types

httphelpsapcomsaphelp_nw04helpdataeneeee133bfae0750ce10000000a11402fframesethtm

WF WS30000015 shows the absence notification process

Workflow demo - create absence notification

Outbound processing from message control

Assignment function module - logical message - idoc type

WE62 Documentation for segments (3x only) WE81 Overview of all message types

WE82NACE Customzing of output determination SO01 Integrated inbox SWO1 Business object builder SWO2 Business object repository SWLD Workflow workbench SWU3 Workflow customizing SWE2 Event type linkage SWI1 Display work items SWI2 Work item analysis SWUS Start workflow SWEL Workflow event log PPOS Display organizational plan PFTC Tasks PFAC Standard roles

SALE ALE customizing BALE ALE distribution BALD ALE development (40) BALM ALE master data (40) BALA ALE application (40) BD1011 Sendfetch material mastersBD1213BD1415 Sendfetch vendor BD2122 Selectdelete change pointers

BD40

BD4143

BD50BD53 Reduction of idoc types

BD54 Logical systems BD55 Conversion BD56 Segment filtering BD61 Activate change pointers BD64 Distribution model BD68 Lists BD72 Activate event coupling BD75 Status conversion for tRFC BD77 Distribution of control data BD78 Monitoring of control data distribution BD82 Generate partner profiles

BD87 Process inbound idocs BD88 Process outbound idocsBDM2 Idoc trace (idocs with receiver) BDM5 Consistency check BDM7 ALE audit statistical analyses BDM8 Send ALE audit confirmation BDM9 Reorganize the audit database BDRC Determine recovery objects (31I 45) BDRL Process recovery objects (31I 45) BDBG Generate ALE interface for BAPI (40)

Finds out which version of the basic type is best suited to your SAP systems release

You find all customizing settings in this transaction or you can get the same in the following path IMG (SPRO) -gt SAP NetWeaver -gt SAP Web Application Server -gt IDoc Interface Application Link Enabling (ALE)

Select change pointers for serialization group (40)

Dispatchpost idocs for serialization group (40)

Activate change pointers for message type

You can also get to this transaction by the following path SAP NetWeaver -gt SAP Web Application Server -gt IDoc InterfaceApplication Link Enabling (ALE) -gt Logical Systems

You can call this monitor to check the current status of Idocs in SAP R3 or mySAP ECC

BDBS Generate coding for mapping (40) BAPI BAPI browser (40) SM58 Aborted transactional RFCs SM59 RFC destinations

sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC

Report used to transfer IDocs to the communication layer if you selected the Collect IDocs output mode (instead of Transfer IDoc Imm) in the Outbound partner profile (WE20)

Report used to transfer IDocs to the ALE layer if you selected the Trigger by background program mode (instead of Trigger immediately) in the Inbound partner profile (WE20)

Report to view the change documents (that record each change made to their objects)

Report use to evaluate change pointers This program is usually scheduled as a periodic background job You can start the program for testing purposes with transaction BD21

Java Ports

httpltservergtltj2ee_portgt

where

lt2ee_portgt = 5XX00

XX = Instance Number

5XX00 WAS Netweaver Administration

5XX13 StartStop Instances Applet5XX04 Visual Administrator Tool5XX08 J2EE Admin Tool Telnet5XX18 SDM

Java Tools

httpltservergtltj2ee_portgtnwa SAP NetWeaver Administrator

httpltservergtltj2ee_portgtuseradmin SAP User Management Engine (UME)httpltservergtltj2ee_portgtsld

Visual Administrator

Locking Adapter J2EE Lock MonitoringSecurity Provider User ManagementMonitoring Service J2EE Monitoring

Configuration Adapter J2EE parameter administrationKey Storage Security Keys ManagementLog Viewer Errors CheckSLD Data Supplier

Jco RFC Provider

Security Transactions Description

SU01 User Maintenance

SU01D User Maintenance Display

SU02 Authorization Profiles

SU03 Authorization Objects and Authorizations Maintenance

SU05 Maintain Internet User

SU10 Mass Changes for Users

SU1 Maintain Own User Address

SU2 Maintian Own User Parameters

SU3 Maintain Users Own data

SU20 Maintain Authorization Fields

SU21 Maintain the authorization objects

SU22 Maintain the assignments of authorization objects

SU24 Profile Generator Maintain the assignments of Authorization Objects

SU25 Profile Generator Upgrade and First Installation

SU53 Check Failed Authorizations

SU56 Every user can display his or her own user buffer with this transaction

PFCG Role Maintenance Tool

PFUD User Master Data Reconciliation

SU80 Archive User Change Documents

ST01 System Trace (User Authorization Trace)

SE43 Area Menu Maintenance

SSM2 Set Initial Area Menu Systemwide

SUGR Group maintenance

BALE ALE Area MenuSTUN Performance Monitoring Menu

SECR (old transaction)

SM19 Security Audit (Static and Dynamic Configuration)

SM20 Analysis of Security Audit Log

SM18 Delete Old Security Audit Logs

SUIM User Information

User Information by Menu

SUCOMP User company address maintenance

SUCU

SNC1 Generate SNC name for user

SNC2 Export SNC name of user

SNC3 User initial control list 31-40

SNC4 Check canonical SNC names

SECSTORE Administration of Secure StorageSTRUST Trust ManagerSTRUSTSSO2 Trust Manager for Logon Ticket

RSUSR000 List of All Users Logged On

RSUSR002 Users by Complex Selection Criteria

RSUSR002_ADDRES Users by address data

RSUSR003 Check the Passwords of Standard Users in All Clients

RSUSR004 Restrict User Values to the Following Simple Profiles and Auth Ob

RSUSR005 List of Users With Critical Authorizations

RSUSR006 Locked Users and Users with Incorrect Logons

RSUSR007 Display Users with Incomplete Address Data

RSUSR008 By Critical Combinations of Authorizations at Transaction Start


SAP MenurarrToolsrarrAdministrationrarrUser MaintenancerarrInformation System

Assignment of tablesviews to authorization groups (or SM30 -gt V_DDAT) From Web AS 640 however the view is called V_DDAT_54 which causes SUCU to fail This means you must modify the parameter call in transaction SE93 to be able to display SUCU

Security and User Administration Reports (SE38SA38)

RSUSR008_009_NEW A system dependent option to control SoD violations


RSUSR010 Executable Transactions ( All Selection Options )

RSUSR011 Lists of transactions after selection by user profile or obj

RSUSR012 Search authorizations profiles and users with specified object va

RSUSR020 Profiles by Complex Selection Criteria

RSUSR030 Authorizations by Complex Selection Criteria

RSUSR040 Authorization Objects by Complex Selection Criteria

RSUSR050 Comparisons

RSUSR060 Where-used lists

RSUSR060OBJ Where-Used List Authorization Object in Program and Transactions

RSUSR061 Enter Authorization Fields

RSUSR070 Roles by Complex Selection Criteria

RSUSR080 Users by License Data

RSUSR100 Change Documents for Users

RSUSR100N Change Documents for Users

RSUSR101 Change Documents for Profiles

RSUSR102 Change Documents for Authorizations

RSUSR200 List of Users According to Logon Date and Password Change

RSUSR300 Set External Security Name for All Users

RSUSR301 Fill non-checking transactions with authobject S TCODE

RSUSR302 Delete authorization check on object S TCODE from table TSTCA

RSUSR400 Test Environment Authorization Checks (SAP Systems Only)

RSUSR401 Report to give all SAPCPIC users profile S_ACPIC

RSUSR402 Download user data for CA manager from Secude

RSUSR404 Conversion Program for Authorizations of Basis Development Environ

RSUSR405 Reset all user buffers in all clients (uncritical)

RSUSR406 Automatically Generate Profile SAP_ALL

RSUSR406_OLD Automatically Generate Profile SAP_ALL

RSUSR408 XPRA Conversion of USOBX-OKFLAG USOBX-MODIFIED for upgrade tool

RSUSR409 Transfer all translated titles to generated transaction codes

RSUSR421 Clean-up report TSTC-CINFO if no check in TSTCA

RSUSR500 User Administration Compare Users in Central System

RSUSR500D GUM Display Open Changes

RSUSR998 Call Reporting Tree Info System

RSUSREXT Enter Correct SNC Names in Table View VUSREXTID (from SAP R3 45)

RSUSREXTID Enter Correct SNC Names in Table View VUSREXTID (from SAP R3 45)

RSUSRLOG Log Display for Central User Administration

RSUSRSCUC CUA Synchronization of the Company Addresses

RSUSRSUIM User Information System

PFCG_TIME_DEPENDENCY HR Organizational Management Reconiciliation

RSABAPSC Search for AUTHORITY-CHECK statements

RSCSAUTH RSABAUTH

MaintainRestore Authorization Groups It creates a list of reports (type 1) (Program column) the authorization group delivered by SAP (SAP column) and the authorization group maintained by the customer (Customer column) The Customer column accepts input Customers can enter their own authorization groups here When the customer chooses Save the customers own authorization groups for all SELECTED reports are transferred to the table TRDIR This is equivalent to a change of the authorization group in the program attributes and the exiting SAP authorization groups are overwritten The authorization group for each report is also entered in the table SREPOATH meaning that the customers own authorization groups can be restored by restarting RSCSAUTH after an upgrade Start the program RSABAUTH The new authorization groups are written to the table TPGP

Table Name Description

PRGN_CUST Customize the role transportsSSM_CUST Defines initial picture in SESSION_MANAGERTADIR Table that contains all Data Dictionary ObjectsTADIR Contains all repository SAP objects

TPFYPROPTY

TSTC

USERS_SSMUSOBT Contain SAP default authorization objects

USOBT_C Contain the customer authorization objects

USOBX Contain SAP default authorization objects

USOBX_C Contain the customer authorization objectsUSR10 Table that contains all profiles delivered by SAPUSR40 Exception Table for PasswordsVDDAT TDDAT VDDAT_54 Assignment of tablesviews to authorization groupsV_BRG Definition of authorization groupsTPGP ABAP4 Authorization GroupsE070 Header information for the transport requestE071E071K Object list and keys from table entriesT000 Client Administration

USR41_MLD Registers multiple logons

Shows parameters properties (eg Dynamical vs Static parameters)

Table that contains all transactions codes of the system

System administrators can use this table to determine whether or not users are allowed to switch between the SAP menu and their user menus

Parameter

rdispmax_alt_modesrdispwp_no_diardispwp_no_vbrdispwp_no_vb2rdispwp_no_btcrdispwp_no_spordispwp_no_enqrdispstart_icmanrdispj2ee_startrdispTRACErdispbtctimerdispmax_wprun_time

rslgmax_diskspacelocal

recclient recclient recclient

logindisable_multi_gui_loginloginmulti_login_users

Description

Defines number of dialog workprocessesDefines number of update 1 workprocessesDefines number of update 2 workprocessesDefines number of background workprocessesDefines number of spool workprocessesDefines number of enqueue workprocessesInitialize ICMInitialize J2EESet the trace level for developer traces

ALL logs all clients000 [] logs the specified clientsOFF turns logging off

Defines how many sessions are permissible for each logon to the SAP system Can be set to values from two to nine the standard setting is six

Defines the size of the system Log (sm21) Each log entry takes up 192 bytes and the default log is 500160 bytes which is a multiple of 192 that corresponds to 2605 entries Once the log is full the oldest entries are overwritten

Security Parameters

Parameter Description

rsaulocalfile

rsaumax_diskspacelocal This parameter defines the maximum space to allocate for the audit files

rsauenable This parameter enables the security audit log

rsauselection_slots This parameter defines the number of filters to allow for the security audit log

rsaumax_diskspaceper_day (dynamic configuration)

rsaumax_diskspaceper_file (dynamic configuration)

authno_check_in_some_cases Enables Profile Generator

authauth_number_in_userbuffer

authnew_buffering

loginmin_password_lng Defines the minimum length of the passwordDefault value 3 permissible values 3 ndash 8

loginmin_password_digits Defines the minimum number of digits (0-9) in passwordsDefault value 0 permissible values 0 ndash 8Available as of SAP Web AS 610

loginmin_password_letters Defines the minimum number of letters (A-Z) in passwords Default value 0 permissible values 0 ndash 8Available as of SAP Web AS 610

loginmin_password_specials

Default value 0 permissible values 0 ndash 8Available as of SAP Web AS 610

loginpassword_charset This parameter defines the characters of which a password can consistPermissible values

Available in the standard system as of SAP Web AS 640loginmin_password_diff


loginpassword_expiration_time Defines the validity period of passwords in daysDefault value 0 permissible values any numerical value

loginpassword_change_for_SSO

Available as of SAP Web AS 610 as of SAP Basis 46 by Support Package

logindisable_password_logon Controls the deactivation of password-based logon


The audit files are located on the individual application servers You define the name and location of the files with this parameter (up to WAS 630)

In systems with release level 46A and higher this parameter definies the size of the user bufferAs of Kernel 620 the parameter is no longer evaluated

authauth_number_in_userbuffer parameter no longer has any effect if this profile parametes is 3 or 4

Defines the minimum number of special characters in the password Permissible special characters are $amp()=`+~-_[]ltgt and space

0 (restrictive) The password can only consist of digits letters and the following (ASCII) special characters $amp()=`+~-_[]ltgt| and space

1 (backward compatible default value) The password can consist of any characters including national special characters (such as auml ccedil szlig from ISO Latin-1 8859-1) However all characters that are not contained in the set above (for value = 0) are

2 (not backward compatible) The password can consist of any characters It is converted internally into the Unicode format UTF-8 If your system does not support Unicode you may not be able to enter all characters on the logon screen This restri

With loginpassword_charset = 2 passwords are stored in a format that systems with older kernels cannot interpret You must therefore only set the profile parameter to the value 2 after you have ensured that all systems involved support the new password

Defines the minimum number of characters that must be different in the new password compared to the old password

If the user logs on with Single Sign-On checks whether the user must change his or her password

This means that the user can no longer log on using a password but only with Single Sign-On variants (X509 certificate logon ticket)

loginpassword_logon_usergroup Controls the deactivation of password-based logon for user groupsAvailable as of SAP Web AS 610 as of SAP Basis 46 by Support Package

logindisable_multi_gui_login Controls the deactivation of multiple dialog logonsAvailable as of SAP Basis 46

loginmulti_login_users

Available as of SAP Basis 46loginfails_to_session_end

Default value 3 permissible values 1 -99loginfails_to_user_lock

Default value 12 permissible values 1 -99loginfailed_user_auto_unlock

Default value 1 (Lock applies only on same day) permissible values 0 1

loginpassword_max_new_valid Defines the validity period of passwords for newly created usersAvailable as of SAP Web AS 610 as of SAP Basis 46 by Support Package

loginpassword_max_reset_valid Defines the validity period of reset passwordsAvailable as of SAP Web AS 610 as of SAP Basis 46 by Support Package

loginaccept_sso2_ticket Allows or locks the logon using SSO ticketAvailable as of SAP Basis 46D as of SAP Basis 40 by Support Package

logincreate_sso2_ticket Allows the creation of SSO ticketsAvailable as of SAP Basis 46D

loginticket_expiration_time Defines the validity period of an SSO ticketAvailable as of SAP Basis 46D

loginticket_only_by_https The logon ticket is only transferred using HTTP(S)Available as of SAP Basis 46D

loginticket_only_to_host

Available as of SAP Basis 46Dlogindisable_cpic Refuse inbound connections of type CPIC

Controls the emergency user SAP (SAP Notes 2383 and 68048)

loginsystem_client

loginupdate_logon_timestamp Specifies the exactness of the logon timestampAvailable as of SAP Basis 46

rdispgui_auto_logout

Default value 0 (no restriction) permissible values any numerical valueloginno_automatic_user_sapstar Controls the SAP user

loginpassword_max_idle_initial

loginpassword_max_idle_productive

List of excepted users that is the users that are permitted to log on to the system more than once

Defines the number of unsuccessful logon attempts before the system does not allow any more logon attempts The parameter is to be set to a value lower than the value of parameter loginfails_to_user_lock

Defines the number of unsuccessful logon attempts before the system locks the user By default the lock applies until midnight

Defines whether user locks due to unsuccessful logon attempts should be automatically removed at midnight

When logging on over HTTP(S) sends the ticket only to the server that created the ticket

loginno_automatic_user_sapstar

Specifies the default client This client is automatically filled in on the system logon screen Users can type in a different client

Defines the maximum idle time for a user in seconds (applies only for SAP GUI connections)

You can use this parameter to determine the maximum time between the (re)setting of the password and the next logon with the initial password As soon as this period has expired the system displays message Initial password has expired and refuses the password logon However you can still logon using SSO

You can use this parameter to determine the maximum time between two password logons As soon as this period has expired the system displays a message stating that the password has not been used for a period of time and was therefore deactivated and the system refuses the password logon However you can still logon using SSO

The profile parameters loginpassword_max_new_valid and loginpassword_max_reset_valid have been replaced by the profile parameter loginpassword_max_idle_initial which means that the system no longer distinguishes between the first and the subsequent setting of a password by the user administrator regarding the restriction of the validity of the resulting initial passwords

S_TCODE Allow to start a transaction

S_USER_GRP Authorization to create or maintain a user master record and to assign it to a user group

S_USER_PRO Authorization for the authorization profiles that you assign to users

S_USER_AUTH Authorization to create and maintain authorizations

S_USER_AGR

S_USER_TCD Authorization for transactions that you may assign to the role in the Profile Generator

S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN

S_TRANSPRT is the authorization object for the Transport Organizer

S_CTS_ADMI

S_DEVELOP Authorizations for the ABAP Workbench (programming and debugging transactions SExx)

S_LOG_COM Authorization to execute logical operating system commands

S_BTCH_JOB Authorization Object for Job Operations

S_DATASET Authorization Object for File Access

S_RFC Authorization Object for RFC

Authorization Object

Authorization to protect roles With this authorization object you specify which roles can be edite and which activities (display change create etc) are intended for the role(s)

Authorization to restrict values that the system administrator can include in a role or change in the Profile Generator

The Programs (reports) are combined into program authorization groups and can be protected against unauthorized access using the groups and this authorization object

Defines which table contents may be maintained by which employees The authorization object S_TABU_DIS controls only complete accesses which are made using standard table maintenance (SM31) advanced table maintenance (SM30) or the Data Browser (SE16) These group assignments are defined in table TDDAT

Grants authorization to maintain cross-client tables with the standard table maintenance transaction (SM30) extended table maintenance transaction (SM31) and the Data Browser (SE16) Also acts as an additional security measure for cross-client tables and enhances the general table maintenance authorization S_TABU_DIS The object has the following field CLIIDMAINT If identifier X or is set cross-client tables can be maintained

Through the introduction of organization criteria it is possible to restrict a users access rights to specific parts of a table A possible use for S_TABU_LIN would be to display and to change content for only a certain work area such as a country or a plant

Is the authorization object for the administration functions in theChange and Transport System

Official Sites

The Online documentationThe SAP Service MarketplaceSAP Product Availability MatrixSAP Support Package StacksThe Information portalsSAP Insider OnlineThe SAP Developer NetworkSAP PressSAP Professional JournalSAP Interface Repository (Documentacioacuten BAPIs)SAP Connectors (Jco NET Business Connector etc)SAP Business Process CommunitySAP Business Community for DUET (webcasts)SAP Business Community for DUETSAP Business DUETSAP UI Design

httpwwwnetweavermagazinecom SAP NetWeaver MagazineSAP Performance Site

No Official Sites

SAP en CastellanoMundo SAPSAP Fans

httphelpsapcomhttpservicesapcomhttpservicesapcompamhttpservicesapcomsp-stackshttpwwwsapinfohttpwwwsapinsideronlinehttpsdnsapcomhttpwwwsap-presscomhttpwwwsapprocomhttpifrsapcomhttpservicesapcomconnectorshttpbpxsapcomhttpwwwsapcomcommunitypubinnovationduetwebcastsepxhttpwwwsapcomcommunitypubinnovationduethttpwwwduetcomhttpwwwsapdesignguildorg

httpservicesapcomperformance

httpsap4comhttpwwwmundosapcomhttpwwwsapfanscomhttpsearchsaptechtargetcomhttpwwwsap-imgcomhttpwwwsapdbinfohttpsapbasicwordpresscom

The Online documentationThe SAP Service MarketplaceSAP Product Availability MatrixSAP Support Package StacksThe Information portals

The SAP Developer Network

SAP Professional JournalSAP Interface Repository (Documentacioacuten BAPIs)SAP Connectors (Jco NET Business Connector etc)SAP Business Process CommunitySAP Business Community for DUET (webcasts)SAP Business Community for DUET

SAP NetWeaver MagazineSAP Performance Site

WAS Academy Nov_Dec 2009

WAS_Admin_Transactions

Security_Transactions

Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

40 SPRO_ADMIN SAP Customizing Project Administration41 SCC4 Client Administration42 SE09SE10 Transport Organizer43 STMS TMS Configuration44 ABAPDOCU Abap Documentation45 SE13 Dictionary - Technical Settings46 SE14 DB Utility (to create tables in DB)

TADM10_2

47 SITSPMON Internal ITS Status

48 SICFRECORDER

49 SMLG SAP Logon Groups

50 SU5651 SUGR Group maintenance52 SE43 Area Menu Maintenance53 SSM2 Set Initial Area Menu Systemwide54 SU10 Mass Changes for Users55 SU02 Authorization Profiles

56 SU0357 SU53 Check Failed Authorizations58 ST01 System Trace (User Authorization Trace)59 PFUD User Master Data Reconciliation60 SUIM User Information

61 SECR

62 SM20 Analysis of Security Audit Log

63 SM1964 SM59 RFC Destinations65 SM58 Transactional RFC66 SMQ1 qRFC (outbound queue)67 SMQ2 qRFC (inbound queue)

68 RSRFCCHK69 RSARFCLD Report that gets and sets RFC quotas70 BD64 Distribution model 71 WE20 Partner profiles

72 WE21 Port definitions


Every user can display his or her own user buffer with this transaction

Authorization Objects and Authorizations Maintenance


Security Audit (Static and Dynamic Configuration)








SEARCH_SAP_MENU

SEARCH_USER_MENU




oXXXX

nend
















SLG0

SLG1

SLG2



Batch Input


SAP Archiving







Monitoring Notes









ST03G

STATTRACE

STAD


SA38 -gt RSTBHIST






DB05
























RFC Notes


RSRFCCHK

Printers



Web Services Notes













WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites







SEARCH_SAP_MENU

SEARCH_USER_MENU




oXXXX

nend
















SLG0

SLG1

SLG2



Batch Input


SAP Archiving







Monitoring Notes









ST03G

STATTRACE

STAD


SA38 -gt RSTBHIST






DB05
























RFC Notes


RSRFCCHK

Printers



Web Services Notes













WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites


SLG0

SLG1

SLG2



Batch Input


SAP Archiving







Monitoring Notes









ST03G

STATTRACE

STAD


SA38 -gt RSTBHIST






DB05
























RFC Notes


RSRFCCHK

Printers



Web Services Notes













WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites



ST03G

STATTRACE

STAD


SA38 -gt RSTBHIST






DB05
























RFC Notes


RSRFCCHK

Printers



Web Services Notes













WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites









RFC Notes


RSRFCCHK

Printers



Web Services Notes













WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

WSADMIN











Jobs Administration






LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites


LDAP Administration







SAP Workflows















BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites




BD40

BD4143












sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites


sa38 -gt RSEOUT00

sa38 -gt RBDAPP01

sa38 -gt RSSCD100

sa38 -gt RBDMIDOC





Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

Java Ports


where





Java Tools






Jco RFC Provider

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

































SUCU





























































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites











































RSCSAUTH RSABAUTH




TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites



TPFYPROPTY

TSTC









Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

Parameter





Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

Description





Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

Security Parameters


rsaulocalfile








authnew_buffering









































loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

















loginsystem_client





















S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites





S_USER_AGR


S_USER_VAL

S_PROGRAM

S_TABU_DIS

S_TABU_CLI

S_TABU_LIN


S_CTS_ADMI














Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

Official Sites



No Official Sites












Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites








Important Tables

Admin Parameters

Auth Parameters

Auth Objects

SAP Info Sites

transacciones was

Documents

declare individual

predefined

failed service

analyze security

unsuccessful

official sites

support package

security audit