What does an SAP administrator need to be able to do?
System maintenance and support of running systems
However, the system modifiability has no influence on customising changes that are customised by the client. If you want to set the customising changes to customise, you must go to the client control. You can achieve this either by pressing the button "Client Control" when changing the system or by calling the table T000 via the transaction SM30. If you are now in the list of clients, you can double-click on the respective row to jump into the settings of the respective client. Here you can also make the desired settings and save them. Step-by-Step Tutorials System Modifiability (Customising Settings and Repository Objects that are independent of the client) Call the SE06 and click on "System Modifiability". Adjust the desired objects and global setting, depending on your request. Save the changes. Client control (custom customising settings) Call the T000 table in the SM30. Double click on the desired client. Change the settings here depending on your request. Save your changes.
A role concept according to best practice protects you from potential attacks within your SAP landscape. However, to protect your system from unauthorized access via the network, a correct configuration of the SAP gateway is required. It enables the use of external programs via interfaces or the call of ABAP programs and serves as a technical component of the application server, which manages the communication of all RFC-based functions.
Authorizations
For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.
With the SPAM transaction, you can always find out about the record status of your system. The SPAM transaction is included in the SAP Upgrade process. SAP Patch Manager (SPAM) (BC-UPG-OCS) SAP AG SAP Patch Manager (SPAM) (BC-UPG-OCS).
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
Use the external sources: This is a very pleasant way for the company to improve the internal processes through ELearning.
You can use the SAP system's own login.