A well-cared-for emergency user concept enables the audit-proof allocation of extended permissions in combination with the assurance of daily operations in your company. This article first addresses the fundamental issues that require an emergency user approach. It then briefly explains how such a concept works in general and how we implement it. An Emergency User is normally used when tasks are temporarily taken over outside the initial field of activity. I described the different scenarios of when such a user can be used and how to deal with them in this blog post for you. Why is an emergency user approach important? There are several scenarios in which the use of an emergency user with extended rights is useful: In urgent cases, it is often necessary to be able to quickly make changes to the system that are outside the user's actual field of activity. A key user who has the necessary permissions is on vacation and needs a representation. The same user suffers short-term illness and his/her representative must take over his/her duties to ensure the operation. We recommend developing a concept for the short-term allocation of the additional permissions. This will ensure the implementation of the above scenarios. How does an emergency user approach work? An emergency user concept in SAP works fundamentally via a temporary assignment of additional rights to a specific user. After the tasks have been completed, the user is deprived of the rights. The tasks performed with the extended permissions are logged and can then be evaluated by an auditor. However, there are a few things to keep in mind: A process for granting special rights should be defined. It must be specified which users can get special rights. The time period for which users can request an emergency user should be limited.
However, the tasks also include strategic and planning aspects. For example, administrators define requirements and standards, select and control upgrades or extensions, implement monitoring processes, and take care of necessary backups and emergency management.
In order to drive innovation in the company, it is necessary to establish a team or a few experts whose recognised role is to promote research projects and PoCs, to continuously train themselves in this regard, to develop innovation proposals and to bring them into the committees. They are therefore largely excluded from operational operations. CONSTRUCTION OF A TEST LABORATORY In addition to resources, it is also necessary to create the framework conditions for the implementation of the research and pilot projects. To this end, it is recommended to set up a test laboratory with as few restrictions as possible on company standards. These are often so massive that a quick and effective implementation of pilot projects is severely hindered or completely prevented.
There are the following reasons that may lead to the termination of this step: CANNOT_GET_OBJECT_LIST: The Object List of a Support Package could not be found because the Support Package does not exist. CANNOT_GET_LAST_UPGRADE_INFO: Unable to locate information about the latest Repository Switch upgrade. UNRESOLVED_ADDON_CONFLICTS: Conflicts with add-ons could not be resolved because the corresponding CRTs from the queue are missing. SPDD_SPAU_CHECK This step will check if a modification match (transactions SPDD/SPAU) is necessary. DDIC_IMPORT This step imports the ABAP Dictionary.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
Security and Documentation In a centralised user administration, users can be locked down efficiently on all systems or access rights can be changed.
You can rely on these services: