Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
20Activity
0 of .
Results for:
No results containing your search query
P. 1
User Admin

User Admin

Ratings: (0)|Views: 322|Likes:
Published by vsivaramakrishna
SAP R/3 BASIS USER ADMIN
SAP R/3 BASIS USER ADMIN

More info:

Published by: vsivaramakrishna on Feb 10, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

04/05/2013

pdf

text

original

 
 System Administration Made Easy 12
 –1
&KDSWHU
8VHU$GPLQLVWUDWLRQ
 
&RQWHQWV
Overview................................................................................................................12
 –2Recommended Policies and Procedures...........................................................12–3New User Setup.....................................................................................................12–7Maintaining a User (SU01)..................................................................................12–24Resetting a Password (SU01)............................................................................12–26Locking or Unlocking a User (SU01).................................................................12–27User Groups........................................................................................................12–29Deleting a User’s Session (Transaction SM04)................................................12–32
 
Chapter 12: User AdministrationOverviewRelease 4.6A/B
 
12
 –2
 
2YHUYLHZ
User administration is a serious function, not just a necessary administrative task. Security isat stake each tim
e the system is accessed. Because the company’s financial and otherproprietary information is on the system, the administrator is subject to externalrequirements from the company’s external auditors, regulatory agencies, and others.Customers should consult with their external auditors for audit-related internal control useradministration requirements. For example, human resources should be consulted if the HRmodule is implemented or if personnel data is maintained on the system.A full discussion on security and user administration is beyond the scope of this guidebook.For example, manually creating and maintaining security profiles and authorizations is alsonot covered. Our discussion is limited to a general introduction and a list of the majorissues related to security. The two sections below affect all aspects of security, which is whywe begin with them.
8VHU*URXSV
User groups are created by an administrator to organize users into logical groups, such as:
<
Basis
<
Finance
<
ShippingFor additional information, refer to the section
User Groups
on page 12–29.
3URILOH*HQHUDWRU
The Profile Generator
 
is a tool used to simplify the creation and maintenance of SAPsecurity. It reduces (but does not eliminate) the need for specialized security consultants.The value of the Profile Generator
 
is more significant for smaller companies with limitedresources that cannot afford to have dedicated security administrators. For moreinformation on the Profile Generator, see the
 Authorizations Made Easy
guidebook.
 
Chapter 12: User AdministrationRecommended Policies and ProceduresSystem Adminstration Made Easy12
 –3
 
5HFRPPHQGHG3ROLFLHVDQG3URFHGXUHV
Some of the tasks in this guidebook are aimed at complying with common audit procedures.Obtaining proper authorization and documentation should be a standard prerequisite for alluser administration actions.
8VHU$GPLQLVWUDWLRQ
User administration tasks comprise the following:
<
User ID naming conventions
The employee’s company ID number (for example, e0123456)
Last name, first initial, or first name, last initialIn a small company where names are often used as ID, it is common to use theemployees last name and first initial of the first name or the employee’s first nameand first initial of the last name (for example,
doej
or
johnd
, for John Doe).
Clearly identifiable user IDs for temporary employees and consultants (for example,T123456, C123456).
<
Adding or changing a user
The user’s manager should sign a completed user add-or-change form.
The form should indicate the required security, job role, etc., that defines howsecurity is assigned in your company.
If security crosses departments or organizations, the affected managers should alsogive their approval.
If the user is not a permanent employee, or if the access is to be for a limited time, thetime period and the expiration date should be indicated.
The forms should be filed by employee name or ID.
A periodic audit should be performed, where all approved authorizations areverified against what was assigned to the user.
<
Users leaving the company or changing jobs
This event is particularly sensitive.The policies and procedures for this event must be developed in advance and becoordinated by many groups. As an example, see the table below.

Activity (20)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Florin V. Iagaru liked this
Praveen Asthana liked this
panarayana69 liked this
paulista.sp liked this
Deepak liked this
sryalla liked this
jeversondavidson liked this

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->