Post on 01-Oct-2015
SAP ERP IT
2008
2009 12
2009JSSAAll right reserved
2009JSSAAll right reserved
1 SAP ERP IT 1
1.1 SAP ERP IT 1 1.2 SAP ERP IT 1 1.3 1 1.4 2
2 IT SAP ERP 3 2.1 SAP ERP Web 3 2.2 SAP ERP 4 2.3 SAP ERP 4 2.4 5
2.4.1 5 2.4.2 6 2.4.3 7
2.5 8 2.6 8
2.6.1 8 2.6.2 9
2.7 10 2.8 11 2.9 AIS 13 2.10 14
3 19 3.1 19 3.2 19
SAP ERP IT 21 4.1 22 4.2 23 4.3 27 4.4 31
5 34 6 60
6.1 60 6.2 60 6.3 60 6.4 60
2009JSSAAll right reserved
1
1. SAP ERP IT
1.1 SAP ERP IT B 2007 ERP
SAP ERP
(SAP ERP ERP )
2007 SAP ERP
IT 19 3 30
IT SAP ERP (
SAP ERP )SAP ERP
IT
SAP ERP IT
2008
SAP ERPECC 6.0
SAP ERP IT
1.2 SAP ERP IT SAP ERP IT
SAP ERP ITGC
SAP ERP
SAP ERP IT
IT
ERP
2007
SAP ERP
1.3 IT
2009JSSAAll right reserved
2
SAP ERP SAP ERP
SAP ERP
SAP ERP ITGC
SAP ERP IT
1.4 SAP ERP IT
()
ISU
ITC
IT
2009JSSAAll right reserved
3
2. IT SAP ERP
2.1 SAP ERP Web SAP ERP Web
SAP 2.1-1
2.1-1 SAP ERP
Web
SAP ERP OS DBMS Web
OSDBMS
SAP ERP OS DBMS
OS SAP ERP WindowsUNIX
OS DBMD APIApplication Program Interface
SAP
ERP SAP SAP ERP OS DBMS
ERP
OS DBMS
SAP IT OSDBMS OSDBMS
SAP Web
2009JSSAAll right reserved
4
Web
2.2 SAP ERP SAP ERP Web
3 ISO27001 A10.1.4
Audit Information System
2.3 SAP ERP 2.3-1 SAP SAP ERP
SAP
SAP ERP OS OS
2009JSSAAll right reserved
5
AIS
Audit Information System
ERP
SAP ERP
2.3-1 SAP ERP
2.4
2.4.1 3 SAP ERP
ISO27001 A10.1.4
SAP ERP
2.4.1-1 SAP
3
2009JSSAAll right reserved
6
2.4.1-1 3
2.4.2 SAP ERP
2.4.2-1
ID
2.4.2-1
2009JSSAAll right reserved
7
2.4.3 SAP ERP
2.4.3-2
3
2009JSSAAll right reserved
8
2.4.3-2
2.5
2.6
2.6.1 SAP ERP 3
Identification
Authentication
Authorizeion
2.6.1-1
2009JSSAAll right reserved
9
SAP ERP
SAP ERP SAP Easy Access
2.6.1-1 SAP ERP
2.6.2 SAP ERP
ID ID SAP*DDIC
ID
SAP*
2009JSSAAll right reserved
10
SAP*
ID SAP*SAP*
06071992 SAP*
SAP*PASS
SAP*
SAP SAP*
ID
SAP*
ID
SAP*SAP*
SAP*PASSSAP*
SAP*06071992
SAP*
SAP*PASS
SAP*
SAP*
ID login/no_automatic_user_sapstar
DDIC DDIC
ID
SAP* DDIC
2.7 SAP ERP 3
SAP ERP
2009JSSAAll right reserved
11
2.7-1 SAP ERP
SAP ERP
SAP
SAP
SAP
2.7-1
2.8
2009JSSAAll right reserved
12
2.8-1
SAP ERP
2.8-1
2009JSSAAll right reserved
13
2.8-2
&B &A
&B &A
RFC/CPIC RFC/CPIC RFC &C ( = &A)
RFC &C ( = &A)
&A &A &A &A &A &A ( = &B) &A &B
&A &A &A &A &A / &B / &B / &B &A / &B &A &C &A &B
2.9 AIS
AISAudit Information SystemSAP ERP
SAP
4.6
2.9-1
2009JSSAAll right reserved
14
SAP ERP
3 AIS ID
SAP_AUDITOR_SA_BC
SAP_AUDITOR_SA_BC_CCM_USR
SAP_AUDITOR_SA_BC_CUS_TOL
2.9-1
2.10 SAP ERP
2.10-1
2.10-1 ID
login/disable_multi_gui_login
1 R/3 ()
2009JSSAAll right reserved
15
ID SAPGUI
login/failed_user_auto_unlock
1 () 0
login/fails_to_session_end
1 ID
login/fails_to_user_lock
ID
login/min_password_diff
(==> )
login/min_password_digits
(0-9) / 0 8
1
login/min_password_letters
/ 0 - 8
login/min_password_specials
/ ( !\@$%&/()=?`*+~#-_.,;:{[]}\\ ) 0 8
login/min_password_uppercase
login/password_downwards_compatibility 5 : (A - Z)
login/min_password_lowercase
login/password_downwards_compatibility 5 : (a - z)
login/min_password_lng
login/multi_login_users
R/3 ID ()
ID
login/no_automatic_user_sapstar
SAP*
login/password_comp ID
2009JSSAAll right reserved
16
ID liance_to_current_policy
0 : 1 : "SERVICE" "SYSTEM" NetWeaver 7.0 ( 862989)
login/password_expiration_time
0
login/password_max_idle_initial
() "The initial password has expired; request a new one"
login/password_max_idle_productive
"" login/password_change_waittime login/password_expiration_time "Password was not used for a long period and therefore deactivated"
login/password_max_new_valid
ID 0 1
rdisp/gui_auto_logout
Web AS ABAP 7.00 NetWeaver 2004s :
8 40
40
( 8 )
Web AS ABAP 7.00 NetWeaver 2004s
2009JSSAAll right reserved
17
8 32
()
z login/min_password_lowercase z login/min_password_uppercase z login/password_downwards_compatibility
: ( 5 ) (
)
5
(login/password_history_size)
( 100 ) ( 1)
(: )
login/password_change_waittime (: 1000 )
()
()
login/password_compliance_to_current_policy = 1
(
)ID
SERVICE SYSTEM ()
()
z login/password_max_idle_initial z login/password_max_idle_productive
2009JSSAAll right reserved
18
:
""
(:
)
z ": " z " - "
z login/failed_user_auto_unlock : 0 (1 )
z login/fails_to_user_lock : 5 (12 ) 5
z login/no_automatic_user_sapstar : 1 (0 )
z login/min_password_lng : 6 (3 ) 6
z login/ticket_expiration_time : 8 (60 ) 8
login/password_max_new_valid
login/password_max_reset_valid login/password_max_idle_initial
2009JSSAAll right reserved
19
3 3.1
3.1-1
3.1-1
3.2
(1)
3.2-1
RFC
2009JSSAAll right reserved
20
(2)
A
B A
C
A
B C
(3)
OKNG
3.2-2
2009JSSAAll right reserved
21
4 SAP ERP IT
4
1.
2.
3.
4.
5.
6.
4-1
2009JSSAAll right reserved
22
4.1
Web
3
4.1-1
2009JSSAAll right reserved
23
4.2
SAP
1 4
5 9
1013
1417
1821
2224
2528
2931
COBIT for SOX
SAP
4.2-1
31
6
11
2009JSSAAll right reserved
24
2009JSSAAll right reserved
25
4.2-2
1
2
3
4
5
6,7,8
9
10
11,12
13
2
3
2,3,4
14
15,16
17
2009/06
2009JSSAAll right reserved
26
4.2-3
2,3,4
18
19,20
21
2,3,4
22
23
24
25
26,27
28
1
29
30
31
2009JSSAAll right reserved
27
4.3
1 ID
OS ID
ID ID
ID
2
OS
3
4 ID
ID
5
ID
2009JSSAAll right reserved
28
11 1N N1
4.3-1
33
1
2
6
13
17
21
ID /
?
ID
?
2009JSSAAll right reserved
29
4.3-2
2009JSSAAll right reserved
30
4.3-3
2009JSSAAll right reserved
31
4.4
SAP
8
1
2
3
4
5
5 SAP
7 OS
8
COBIT for SOX
2009JSSAAll right reserved
32
4.4-1
3-(2)--
6 SAP
SAP
SAP
SAP
RZ20
SM21
SM13
ABAP
ST22
No1
No28
2009JSSAAll right reserved
33
4.4-2
2009JSSAAll right reserved
34
5
SAP ERP 5-1
ABAP Advanced Business Application Programming Language SAP ABAP COBOL ABAP ABAP SAP ABAP Advanced Business Application Programming. The SAP programming language.
ABAP-OO ABAP Object-Oriented ABAP Component of the ABAP programming language that allows object-oriented programming on the basis of classes and interfaces.
ABAP ABAP Editor ABAP The ABAP Editor enables you to create, test and change ABAP programs, function modules, screen flow logic and logical databases. The ABAP Editor provides functions to support program development, as well as normal text operations such as insert, find, and replace. You can use the ABAP Editor in the following modes: Editor control mode PC mode with line numbering PC mode without line numbering Command mode
ABAP SAP Query A tool that allows users who have no knowledge of the ABAP programming language to define and execute their own reports. To determine the structure of reports in SAP Query, you just have to enter texts, and select fields and options. If necessary, you can edit lists using Drag&Drop and the functions in the available toolbars.
ABAP
ABAP dictionary SAP ABAP ABAP A directory containing data. An ABAP dictionary contains the following information: Description of all application data for an enterprise Relationships between the application data Use of the application data in programs and screen templates The descriptive data for the ABAP Dictionary is also known as meta data since is represents data about data.
2009JSSAAll right reserved
35
ABAP ABAP program ABAPABAP21 SE93 2 SAP ID 'R'RFBILL00 FIBSPL
ABAP
ABAP workbench ABAP CASEComputer Aided Software EngineeringSAP SAP Integrated graphical development environment in the SAP System. The ABAP Workbench allows you to develop, modify, test, and manage client/server applications written in ABAP. The ABAP Workbench tools enable you to: Write ABAP code Create user interfaces Check applications for errors Create and access database information Create Internet services
ACID Atomicity, Consistency, Isolation Durability Atomicity Consistency Isolation Durability
ALOG ALOG ALOG ALOG log ( bin ) ALOG$ ( syear)$ ( yweek) 2 SLOG
APPC Advanced Program to Program Communication Protocol developed by IBM as part of its Systems Network Architecture (SNA). The protocol is designed to be enable application programs running on different computers to communicate with each other and exchange data.
BAPI Business Application Programming Interface SAP CORBADCOM SAP BAPI BAPI ID API A standardized programming interface that facilitates external access to business processes and data in the SAP System. You define Business Application Programming Interfaces (BAPIs) in the Business Object Repository (BOR) as methods of SAP business objects or SAP interface types. BAPIs offer an object-oriented view of business components in the SAP System. They are
2009JSSAAll right reserved
36
implemented and stored as RFC-enabled function modules in the Function Builder of the ABAP Workbench.
BAPI ActiveX ActiveX control that enables external applications to access business functions in the SAP System by calling BAPIs through OLE Automation. OLE-enabled client programs access proxy objects, which are instances of SAP business objects managed by the BAPI ActiveX control. These proxy objects correspond to real SAP business objects stored in SAP's Business Object Repository (BOR). The actual details of the process are invisible to the client program, because the data structures exported from the SAP System through the BAPI ActiveX control are encapsulated in objects.
BAPI The BAPI Browser displays all the business objects, for which BAPIs have been implemented. BAPI
BC Basis Component 46D SAP FICOSDMMPP SAP SAP
BC Business Connector A middleware application based on the B2B integration server from webMethods. The SAP Business Connector enables both bi-directional synchronous communication and asynchronous communication between SAP applications and SAP and non-SAP applications. The SAP Business Connector makes all SAP functions that are available via BAPIs or IDocs accessible to business partners over the Internet as an XML-based service. The SAP Business Connector uses the Internet as a communication platform and XML or HTML as the data format. It integrates non-SAP products by using an open, non-proprietary technology.
BDC Batch Data Communication BDC SAPBDC BDC BDC LSMW)BDC LSMW
CCMS Computing Center Management System SAP SAP CCMS provides intergrated tools for the monitoring and administration ofSAP system landscapes. It covers the following task areas: System monitoring over the whole landscape Determining and displaying statistical data System management (e. g. starting and stopping of SAP systems, configuration, printing, background processing, resource management, database administration)
2009JSSAAll right reserved
37
CCMS CCSV Customizing Cross System Viewer
4.6
CMS Contents Management Service Web Web
CPI-C Common Programming Interface-Communication IBM Standardized interface for system-wide communication between programs. (Common Programming Interface-Communication). The protocol can be divided into four areas: Session setup Session control Communication End of session
CTO Change and Transport Organizer(/) C A set of tools in the SAP System for managing development projects in the ABAP Workbench and in Customizing, and for preparing and managing transports between SAP Systems.
CTS Change & Transport System (BC-CTS) / A set of tools in the SAP System for managing and transporting ABAP Workbench and Customizing changes made in systems in the SAP System landscape and distributed between these systems. Correction & Transport System SAP Change & Transport System
CUA Central User Administration SAP ALE SAPAPOCRM SAP CUA () CUA SAPEnterprise) () The maintainenance of users in a central system. A system group includes several SAP systems with several clients. The same users are often created and the same roles assigned in each client. Central User Administration is designed to perform these tasks in a central system and distribute the data to the systems in the system group.
DDIC SAP*SAP DDIC ABAP SAP 000 001 DDIC 000 001 DDIC 19920706 DDIC SAP*
DFD Data Flow Diagram
DIA Dialog work process SAP GUI
Dynpro Dynamic Program Dynpro ID Dynpro PBO(Process Before Output)PBO PAI (Process After Input)
2009JSSAAll right reserved
38
PAI Exit SAP Exit
EXIT 4.6A Exit Exit Exit SAP EXIT Dynpro Exit SAP EXIT SAP SAP Dynpro Dynpro Exit Exit SAP EXIT SAP CALL CUSTOMER-FUNCTION 001 Exit ABAP EXIT F1 CMOD Program interface at which additional methods can be inserted without modifying the original object. Java component comparable to Business Add-Ins, User Exits, Customer Function Calls.
LSMW Legacy System Migration Workbench SAP LSMW SAP An SAP system tool that supports one-time and periodic data transfers from external systems to SAP systems. The Legacy System Migration Workbench facilitates the conversion of data to the necessary format. Technologies supported include Batch Input, Call Transaction, Direct Input, BAPIs, and EDI. The Legacy System Migration Workbench is only available as an add-on. Additional data transfer tool: Data Transfer Workbench (DX-WB).
PAI Process After Input DynproDynpro
PID Parameter ID PID PID F
QA SAP
RFC Remote Function Call CPI-C SAP RFC RPC IDRFC Export,Inport Call of a function module that runs in a different system (destination ) from the calling program. Connections are possible between different SAP systems and between an SAP system and a non-SAP system. In non-SAP systems, instead of function modules, special programmed functions are called, whose interface simulates a function module. We distinguish between synchronous, asynchronous, and transactional function calls. The called system is accessed via the RFC interface. RFC
2009JSSAAll right reserved
39
RFC Remote Function Call RFCSAP RFC RFC SM59RFC
SAINT SAP Add-On Installation Tool SAP Tool that allows you to install and upgrade add-ons directly from the SAP System
SAP GUI SAP Graphical User Interface SAPSAPSAP GUI (SAP GUI SAP SAP GUI Windows JAVA HTML SAP system software component on the presentation server. Represents the SAP-specific GUI of the ABAP-based application server applications and supports additional functions on the presentation server, such as GUI controls or OLE automation.
SAP GUI SAP GUI SAP system software component on the presentation server. Represents the SAP-specific GUI of the ABAP-based application server applications and supports additional functions on the presentation server, such as GUI controls or OLE automation.
SAP LUW SAP Logical Unit Work SAP LUW LUW LUW SAP SAP LUW Logically connected unit of dialog steps whose database changes are executed within a single database LUW. SAP LUWs are realized using bundling techniques in which update function modules or subroutines are registered in different work processes and executed by a single work process. A SAP LUW is ended using the Open SQL statement COMMIT WORK . Changes within a SAP LUW can be undone using the Open SQL statement ROLLBACK WORK.
Web
SAP Web dispatcher (Internet Communication Manager (BC-CST-IC)) The SAP solution for load balancing of Web requests. If more than one instance of the SAP Web Application Server is being used at any one time, the SAP Web dispatcher accepts requests from the browser and forwards these to the application server that currently has the most capacity. The choice of application server is based on information from the SAP Message Server. Administration is thus made much easier, as there is only one point of entry (IP address, HTTP port, and so on) to the SAP system.
SAP* SAP* SAP ID ID SAP* SAP SAP* 2 SAP*PASSSAP* SAP* SAP* SAP* SAP*06071992 SAP* ID DDIC
SAPconnect SAP SAP FAXSMTPX.400SMS The RFC interface for integrating external communications with the SAP System. SAPconnect enables third-party vendors to connect their communication servers to the SAP System. The following communication methods are supported: Fax
2009JSSAAll right reserved
40
Internet (SMTP) X.400 Paging (SMS) R/3 to R/3 Printer
SAPExchange
MS Exchange Server SAP
SAP SAP SAP ABAP ABAP A tool that allows users who have no knowledge of the ABAP programming language to define and execute their own reports. To determine the structure of reports in SAP Query, you just have to enter texts, and select fields and options. If necessary, you can edit lists using Drag&Drop and the functions in the available toolbars.
SAP SAPscript SAPSAPSAPSSP A tool for text management and form printing. SAPscript consists of the following components: An editor for entering and editing text Styles and forms for designing the print layout A composer, which is the central module for output formatting A programming interface for integrating SAPscript components in your own application programs and programming the output using forms Various database tables for storing texts, styles and forms
SAP SSCR
SAP Software Change Registration SAP SAP SAP SAP SSCR SSCR Procedure that registers modifications to SAP Repository objects and thus provides an overview. SAP Software Change Registration does not register SAP matchcodes and tuning measures (such as the creation of database indexes and buffers).
SLO System Landscape Optimization SLOG R/3
SLOG SLOG SLOG log ( bin ) SLOG$ ( syear)$ ( yweek).$ ( system) 2 ALOG
SPP service parts planning
SQL Structured Query Language SQLSQL SQL SQL
TMS Transport Management System
2009JSSAAll right reserved
41
TMS
TMS QA QA QA QA
TPPARAM TP global Parameter file UDDI UDDI Web
UME SAP User Management Engine
Java-based user management component that features centralized user management, Single Sign-On, and secure access to distributed applications
VB VerbuchenUpdate WAS Web Application Server
Web AS "WAS"
WBO Work Bench Organizer Tool for managing central and decentralized development projects in the ABAP Workbench. The Workbench Organizer is part of the Change and Transport Organizer (CTO). CTO
Web AS Web Application Server NetWeaver WASABAPHTTPXML WAS isThe SAP NetWeaver application platform. SAP Web Application Server supports native Internet technology such as HyperText Transfer Protocol (HTTP), eXtensible Markup Language (XML), as well as the Java and ABAP programming languages. SAP Web Application Server facilitates the development of Web applications with server-side scripting technologies, provides a scalable and reliable Web application infrastructure that delivers Web services at high performance, ensures that an e-business solution is always online, and supports Web access via a Web browser and a range of mobile devices.
WIF Work Flow Information System WP Work Process
Archive Object
Archive Link SAP BC SAP
Add in A location in a program defined by the developer where software recipient layers such as industries, partners and customers can insert additional code without modifying the original object. Business Add-Ins enable you to distinguish between enhancements that can have no more than one implementation and those that can be actively used by any number of customers at the same time. You can also define Business Add-Ins that depend on a filter value. You can create Business Add-Ins at every level of a multi-level system infrastructure. You edit Business Add-Ins in the BAdI Builder.
add on SAP YZ
2009JSSAAll right reserved
42
Transport
SAP ABAP SAP SAP The transfer of SAP System components from one system to another. The components to be transported are specified in the object list of a transport request. Each transport consists of an export process and an import process: The export process reads objects from the source system and stores them in a data file at operating system level. The import process reads objects from the data file and writes them to the database of the target system. The SAP System maintains a transport log of all actions during export and import.
/
Change and Transport Organizer (CTO) ABAP SE10)SE09)SE01)C SE01) A set of tools in the SAP System for managing development projects in the ABAP Workbench and in Customizing, and for preparing and managing transports between SAP Systems.
/
CTS
Transport Request OS SAP Document for copying corrections between different system types. A transport request records released corrections. When the request is released, the transport is performed. For example, you can transport corrections from an integration system to a consolidation system.
Transport organizer 46C A tool for managing centralized and decentralized ABAP Workbench development projects and Customizing projects.SE01) : / - - - - ( / / SE01
transportable change request Change request that is transported to the target system defined by the system settings after release.
transport group SAP All SAP Systems connected by transport routes. A system group can include several transport groups or transport domains. While the transport
2009JSSAAll right reserved
43
domain is an administrative unit, and the transport group a technical unit, the system group is a logical unit.
Transport Directory SAP OS UNIX /usr/sap/trans Windows NT $(SAPTRANSHOST)sapmnttrans SAPTRANSHOST bin: tp TMS (tp: TP_.PFLTMS: DOMAIN.CFG) data: olddata: log: actlog: buffer: cofiles: Exit sapnames: SAP EPS: tmp: A directory that manages all data to be transported between SAP systems.
transport domain SAP SAP 1 SAP All SAP Systems that are managed jointly by the Transport Management System. All systems in a transport domain have the same settings as the Change and Transport System.
transport domain controller RFC SAP ( TMS DOMAIN_ ( ID) SAP TMS SAP SAP System in which the transport route configuration is maintained centrally for all systems in the same transport domain.
Transport Route SAP SAP 3 Z ( ID) () SAP "SAP"
Transport Layer
2009JSSAAll right reserved
44
SAP / SAP SAP A means of determining the integration and consolidation system for objects to be transported. A transport layer is assigned to each development class and thus to all objects in that class. The transport layer determines: In which SAP System developments or changes to Repository objects are made Whether objects are transported to other systems within the group when development work has been completed
mass transport Transport where all requests queued for import are imported into the target system collectively.
(GA )
unrestricted shipment phase SAP (FCS)CA(Controlled Availability) Second delivery phase for a new software release. During this phase, all customers can obtain the new release. (FCS)
Instance SAP SAP DVEBMG S DVEBMGS00 SAP SAP instance An administrative unit that groups components of an SAP system that provide one or more services. These services are started and stopped at the same time. All components belonging to an instance are provided with parameters using a common instance profile. A central SAP System consists of a single instance that includes all the necessary SAP services. SAP ITS SAP ORACL
instance profile Profile that contains application server-specific configuration parameters to complete the set values of the default profile.
Instance parameter
Internet Transaction Server ITS
2009JSSAAll right reserved
45
ITS
integration system A system in the SAP System group where objects are usually developed and then transported to the consolidation system. Each Repository object is assigned to an integration system by its package (formerly development class) and transport layer. The integration system should consist only of separate test or development systems where SAP application programs are not being used in a production environment.
Web
Web Application Server Web AS
enqueue SAP SAP ABAP SAP SAP SAP SAP
Object Oriented Programing ABAP O-O ABAP Object-Oriented
development class Enterprise
development system
developer key ID DEVACCESS
external session SAP GUI TSS 6 An instance of an SAP window within the SAP GUI on the application server. When you log on to the SAP System, the system opens an external session. You can then open up to five more sessions, which all behave like separate logons to the SAP System. The number of the current external session is displayed in the status bar.
Customer Enhancements Exit SAP SAP ABAP SAP Exit Exit
2009JSSAAll right reserved
46
An adjustment to the standard SAP system, requested by the customer. SAP designs empty modification modules at particular points in the standard system where customer enhancements are anticipated. These modules, known as exits, can be filled with customer-specific logic. Exit
extended transport control .(: WAJ.610) A function of the Transport Management System (TMS) that allows you to define client-specific transport routes and target groups. /(: /TQASGR/)
SAP
virtual SAP System SAP SAP SAP TMS SAP System configured as a placeholder for an SAP System that has not yet been configured. You can define transport routes for virtual systems, and create and display the import queue.
repair SAP SAP SAP SAP Repository objects that are changed in a system other than their original system are entered in repairs. Objects can be transferred from their original system by transports.
functionality release CA SAP SAP GA
client / SAP ASP SAP BOX 1000 SAP
2009JSSAAll right reserved
47
ABAP SAP 3 SAP / BOX / In commercial, organizational and technical terms, selfcontained units in an SAP system with separate master records and its own set of tables. 3 digit number E.g. 000, 001 and 066 One or more clients per SID.
/
Client/ Server System / SAP 3 /3 /3 3 /
client transport SAP
client-dependency transport request SAP SAP 4.5
client-dependency data Specific only to one client. Settings in Client Dependent tables relate only to the client, which was accessed during the log on process. Such tables contain the client number in the tables key. (MANDT field)
client copy SAP A function for copying a client. This applies in particular to copying the entire Customizing context (environment) of a source client to a target client, either within one SAP system or to a different SAP system. The system settings determine what is to be copied.
client-indipendent, cross-client ABAP
2009JSSAAll right reserved
48
client-independent customize parameter IMG
authorization maintenance function SAPSAP Windows SAP SAP
authorization concept Windows SAP The structure and functions associated with authorization assignment and checking in SAP systems. You use authorizations to protect the system from unauthorized or unwanted access.
authorization profile HR Authorization profiles give users access to the SAP System. They contain authorizations, which are identified using the name of an authorization object and the name of an authorization. If a profile is specified in a user master record, the user is assigned all of the authorizations defined in this profile.
language transport Transport that imports translated texts into a target system
maintenance view SAP SM31 IMG View type in ABAP Dictionary. You can use a maintenance view to maintain data that is distributed over several tables at the same time. IMG
code page SAPLOGON 8000
Transport of copies SE01)
2009JSSAAll right reserved
49
SAP Transports of copies allow you to transport (sub-)objects in an object list into any other SAP System you want. In contrast to Workbench or Customizing requests there is no automatic delivery into other systems for transport of copies.
commit LUWLUW
consolidation system 3 2 A system in the SAP system group that receives transports of tested, stable developments from the integration system. The consolidation system can be a quality assurance system where final testing takes place or, in the case of minor developments, a production system. consolidate []
consolidation route SAP The regular transport path of a Repository object from the integration system to the consolidation system. The consolidation route is specified for each Repository object in the package (development class) and transport layer.
server /
sand box client
2009JSSAAll right reserved
50
system landscape SAP SAP 3 SAP SAP
Central User Administration CUA The maintainenance of users in a central system. A system group includes several SAP systems with several clients. The same users are often created and the same roles assigned in each client. Central User Administration is designed to perform these tasks in a central system and distribute the data to the systems in the system group.
schema 3()()
session
central instance SAP 1 SAP The application services for the SAP System, including the enqueue and message services, that are located on a single host machine. Typically, the central instance has multiple work processes for the dialog, update and background services. The machine on which it runs is called the central host.
central Host
operation mode SAP CCMS JOB
solution manager SAP SAP
2
3
/
2009JSSAAll right reserved
51
SAP SAP SAP SAP SAP
dialog program UPDATE Dynpro A dialog program consists of an ABAP program of the type "module pool", screens, and a transaction code for calling the program. There is also a graphical user interface that offers a number of functions. You can start a dialog program with a transaction code. However, the transaction code is often incorporated into an area menu.
dialog program
dispatcher Central process on an application server. In addition to other tasks, the SAP dispatcher is responsible for the following principle tasks: Initialization, reading profile parameters, starting work processes and logging on to the message server Evenly distributing the transaction load across work processes Connecting to the GUI layer Organizing communication processes
data archive SAP
Data Transfer Workbench CA-GTF (General Application Functions) A central SAP tool for organizing and performing data transfer to the SAP System. The Data Transfer Workbench supports various business objects such as customers and master data. Technologies supported include Batch Input, Call Transaction, Direct Input, and BAPIs. An additional tool for data transfer is the Legacy System Migration Workbench (LSMW). SAP B1 Migration tool that can be used to migrate master and transaction data from legacy systems into SAP Business One. The Data Transfer Workbench offers pre-defined data file templates to simplify the data preparation process.
data model SAP AHR H A
2009JSSAAll right reserved
52
R
default profile A profile that contains values that apply to all application servers. There is always one active default profile that is defined, like all profiles, in the SAP R/3 global profile directory. The default profile is also known as the system profile. system profile
delivery system SAP SAP
delivery system A function where there is development in distributed systems. A delivery system must be linked to a consolidation system. By means of this link, the delivery system continually receives copies of transports performed in the consolidation system. Delivery systems are usually production systems.
delivery route
transparent table SAP DBMS 11 SAP DBMS 11 11
transaction code VA01FB50SE15 TSTCT SAP SE93)
transaction processing //// JOB SAP
transaction variant A alternative of a transaction in the SAP System. You can create different variants for the same transaction. This enables you to simplify transaction flows by: Preassigning values to fields Suppressing and changing the readiness for input of fields Suppressing whole screens A transaction variant consists of a number of screen variants.
internal session Instance of an ABAP program within an external session. External procedure calls allow you to load several ABAP programs in an internal session. Program calls open their own internal sessions.
2009JSSAAll right reserved
53
naming convention SAP 'Y''Z'
backup transport domain controller
background processing Processing that does not take place on the screen. Background processing enables you to process data in the background while executing other functions in parallel on the screen. Although background processes are not visible to the user (there is no dialog), they have the same priority as online processes. JOB RZ01 JOB SM36 JOB SM37 SM50
Package A container for semantically related development objects. A package consists of subpackages and development objects (programs, tables, screens, function modules and classes), that are developed and transported together. Packages are characterized according attributes including nesting, interfaces, visibility, and use access. You can create and manage packages with the Package Builder. Packages replace the previously used development classes.
patch SAP () SPAMSAP Patch Manager SAPM patch
batch input
2009JSSAAll right reserved
54
SAP BDC Call TransactionBDC BAPI SAP IDoc 1SQLSAP DB 2 BDC A data transfer technology that enables the transfer of large volumes of data to an SAP System using the online transaction. A batch input session is created for this purpose which you can then process using the Batch Input Monitor. Additional transfer technologies: Call transaction, direct input, EDI and BAPIs.
Batch Processing JCLJob Control Language SAP SM36SM37
patch type PATSPAM SAP FFDFCS (FFDP)FFDP FCS COP(SAP_BASISSAP_HRSAP_APPL )SAP_HR BWPSAP (BWP)SAP SAP (SAP_BW) AOP CRT(CRT)CRT IS-IS IS-OIL HOT SAP SAPNet-SAP
function module SAP SAP SAP
2009JSSAAll right reserved
55
ABAP An external subroutine written in ABAP. Developed in the Function Builder, they are managed in a central function library, and can therefore be called from any ABAP program. This helps to avoid redundant code and makes the programming process more effective. In contrast to FORM routines, function modules have the same standard interface.
Argument Call by ValueCall by Reference
business connector SAP IDoc XML/HTML SAP 3.1 SAP Web A middleware application based on the B2B integration server from webMethods. The SAP Business Connector enables both bi-directional synchronous communication and asynchronous communication between SAP applications and SAP and non-SAP applications. The SAP Business Connector makes all SAP functions that are available via BAPIs or IDocs accessible to business partners over the Internet as an XML-based service. The SAP Business Connector uses the Internet as a communication platform and XML or HTML as the data format. It integrates non-SAP products by using an open, non-proprietary technology.
BC
asynchronous update SAP SM13
view ABAP JoinProjectionSelectionRead Only Join Projection Selection1000 Virtual table that contains no data but is an application-specific view of one or more tables in the ABAP Dictionary. When you create a table, you assign a key to it. However, the fields in the key may be inadequate for solving some problems, so you can generate a view from several tables or parts of tables.
quality assurance system 3 System into which tested, stable development versions and the parameters of the Customizing objects are transport from the development or test system at defined events.
2009JSSAAll right reserved
56
This is the basis for performing the final test in this system. fire wall
LAN Firewall SAP
playground client
Profile generator
profile parameter SAP
Basis component SAP Enterprise Web AS FICOSDMMPP SAP SAP SAPSAP Web
change request ABAP // SPRO_ADMINSE10 SAP
change management ABAP SAP SAP ASAP ASAP
changeover key ID ADIRACCESS
go live system SAP
name range
naming convention SAP YZ
2009JSSAAll right reserved
57
modify
modification SAP SAP
modification assistant Tool for supporting adjustment of the SAP standard. The Modification Assistant ensures that the upgrade is simplified. You can go to a special modification mode if you access the ABAP Workbench editors when modifying objects of the SAP standard. The original object is protected in this mode and can be changed only with additional actions. The Modification Assistant logs changes, providing a fast and detailed overview of the modifications and reducing the load during upgrade.
user master SAP SAP SAP
repository SAP
repository object ABAP Dynpro,
Remote function call RFC
report SAP ABAP program that implements the reporting - that is, it reads data and displays it. It is usually an executable program and the program starts with the REPORT statement, in which event blocks are implemented for the reporting events and which displays the data in a list.
local object SAP Development object created for private use. Local objects belong to the development class $TMP. They are not transported to other systems. You can access the local objects of other users as well as your own.
local change request SAP
2009JSSAAll right reserved
58
role SAP The collection of activities that a person performs to participate in one or more business scenarios in an organization. Access to the transactions, reports, Web-based applications, and other objects contained in roles is through user menus. mySAP.com Workplace provides the user access using a Web browser to a role-based portal for completing his or her tasks.
rollback LUWLUW SAP
lock
lock object SAP SAP SE11 SM13 Object type in the ABAP Dictionary. When you activate a lock object, you generate function modules that set and release locks. You can use these function modules in ABAP programs.
lock table A table stored in the main memory of the enqueue server which contains entries for the current locks in the system. Each lock includes the owner of the lock, the lock mode, and the name and the fields of the locked table.
Logical database ABAP Runtime Environment (BC-ABA) Special ABAP program that provides other ABAP programs with data from the nodes of a hierarchical tree structure. Is either linked in the program attributes of an executable program or called using the function module LDB_PROCESS. A logical database has a structure with nodes, a database program written in ABAP, and its own standard selection screen . Logical databases are maintained in the Logical Database Builder.
Logical Unit of Work Period of time between two consistent states on the database. SAP LUW
work process DIA UPD BGD SPO ENQ
2009JSSAAll right reserved
59
A process that as a component of an application server executes an ABAP application. To process SAP requests from several front ends, an SAP application server has a dispatcher, which collects the requests and forwards them to work processes for execution. There are the following types of work process: DialogFor executing dialog programs Update, Upd2For asynchronous database updates Background (batch)For executing background jobs EnqueueFor executing lock operations SpoolFor print formatting Work processes can be assigned to dedicated application servers. In the service overview (SM51), you can see which work process types are provided by the individual servers. Each work process is logged onto the database system as a user for the entire runtime of the SAP system. Each work process is assigned for the duration of a dialog step to an ABAP program.
work bench organizerWBO) Invalid as of Release: 46C ABAP /CTO46C CASESAP Tool for managing central and decentralized development projects in the ABAP Workbench. The Workbench Organizer is part of the Change and Transport Organizer (CTO).
2009JSSAAll right reserved
60
6 6.1
6.2
6.3
6.4
2009JSSAAll right reserved
2009/12 1
2009JSSAAll right reserved
2009/12 2
( P89
2009JSSAAll right reserved
2009/12 3
ERP
1.
A
ERPERP
2. /
A /
/
x
x
x x
x x /
x
/
2009JSSAAll right reserved
2009/12 4
ID
3. A
( 000001066 ) DEV QA PRD
//
000001
066
4.
A 3
/
/
STMS
3
2009JSSAAll right reserved
2009/12 5
5. A ? ( 000001066 )
000001066
/
SCC4
000 001 066
( 000001066 )
6. A
PRD SAP
SAP
QA
()
SCC4
2009JSSAAll right reserved
2009/12 6
B
CATT eCATT eCATT CATT eCATTFUNABAP CATT eCATTFUNABAP CATT
RFC eCATT CATT RFC eCATT CATT eCATT CATT QA
2009JSSAAll right reserved
2009/12 7
B
SAP
CATT eCATT eCATT CATT eCATTFUNABAP CATT eCATTFUNABAP CATT
RFC eCATT CATT RFC
2009JSSAAll right reserved
2009/12 8
eCATT CATT eCATT CATT DEV SAP
eCATT CATT
2009JSSAAll right reserved
2009/12 9
CATT eCATT eCATT CATT eCATTFUNABAP CATT eCATTFUNABAP CATT
RFC eCATT CATT RFC eCATT CATT eCATT CATT
eCATT CATT eCATT CATT
eCATT CATT
A ?
SCC4
7.
A ? and/or and/or ?
SM30 SCCSCC9
SCC3 and/or SCC4
2009JSSAAll right reserved
2009/12 10
8. B ?
?
1 SAP
?
9. B
10.
B
?
QA
QA
2009JSSAAll right reserved
2009/12 11
?
CATTeCATTComputer Aided Test Tool
RFC
RFC
RSUSR002RFC SM59
RFC SM20
11.
RFC
B
RFC
/
2009JSSAAll right reserved
2009/12 12
RFC
OS
OS OS
OS OS
OS SM69 OS DELETE
OS SM69 OS SM49
SM69 SM49
OS
12. OS
A
OS
OS
13.
A
SM01
/
SE11 ABAP SE15
ABAP SE16 SE17 SE38
2009JSSAAll right reserved
2009/12 13
SE8X ABAP
SM30 SM31
SPRO
SE06 SU01 RZ10
SM49 SM69
SA38
AISAudit Information System
S_ALR_87101283 -
SM19
SM20
OS
2009JSSAAll right reserved
2009/12 1
1. 2. 3.
4.
5. 6.
2009JSSAAll right reserved
2009/12 2
1.
A
SAP 2 ID ID
SAP
ID SAP
x ID SE17 DEVACCESS Char20 X
x
x
2.
A
x
x SE15 Z*Y* From To
x
2009JSSAAll right reserved
2009/12 3
x
SE93 Z*Y*
x
S_ALR_87101287 //Transact ID ABAP AUTHORITY-CHECK
x SA38 RSCSAUTH
x
SE17 TDDAT Z* X
3.
A
SAP SAP
x SE15
2009JSSAAll right reserved
2009/12 4
not Z*Y* From To
SE15 ABAP not Z*Y* From To
x
4.
A
SAP ID
x SAP SAP
x
5.
A
x
x
x
2009JSSAAll right reserved
2009/12 5
?
QA QA
ID ID
x SAP
ID
x
x
6.
A
x
2009JSSAAll right reserved
2009/12 6
x
7. B
8. B
SAP x SAP
ID
x
9.
B
?
?
x
x
x
10
A
x SAP
x SAP
x SAP
2009JSSAAll right reserved
2009/12 7
?
x
SAP
x SAP
x ( Exit Exit)
x
x SE95
x
x
11 B SCCR
x
x
4.6
12 A
x
13
B ?
x
2009JSSAAll right reserved
2009/12 8
?
14
A
?
x
x
x ()
x
x
x
x
x
2009JSSAAll right reserved
2009/12 9
15 A
x
x
x
x
16
B x x
2009JSSAAll right reserved
2009/12 10
17
B
x
18
A
x
x
19
A
SAP (STMS)
IT
x
x
() STMS >
x 0 ()
2009JSSAAll right reserved
2009/12 11
x
20 C
?
SAP ?
tp
x tp
x tp
21
B
?
?
x
x
x A S_ALR_87101261 S S_ALR_87101262
22
A
x
2009JSSAAll right reserved
2009/12 12
x
23
A
24
B
25
B
?
x ASAPSAP
2009JSSAAll right reserved
2009/12 13
A
26 B ? ?
x
x
27
B ?
x
28
B
29
A
ERP ERP ERP ERP ERP
ERP ERP
x
x
2009JSSAAll right reserved
2009/12 14
30 B SoD
x
SA38 RSUSR002 S_TCODE SE10 AND 2 S_TCODE SE38 AND 3 S_TCODE STMS 2 SA38 RSUSR002 S_TCODE SE10 AND 2 S_TCODE SPRO AND 3 S_TCODE STMS
31
B SoDID
x SE10SE38STMS
x
SE10SPROSTMS RSUSR002
2009JSSAAll right reserved
2009/12 15
ID
2009JSSAAll right reserved
2009/12 1
2009JSSAAll right reserved
2009/12 2
COBIT DS5
0 IT IT
IT IT
1
/
I IT IT IT IT IT
2
IT IT IT IT IT IT
3
IT IT IT IT ()IT
4
IT IT IT IT IT IT IT
5 IT IT IT
2009JSSAAll right reserved
2009/12 3
1. A
ID
ID ID
SAP ERPID
2.
A ID /?
? :
ID
() SAP
2009JSSAAll right reserved
2009/12 4
ID ? ? ?
'A'
1
'B'
(-> ) (->ALETMSCUA ) (SAP GUI ) SU01 ( -> )
'C'
(-> RFC CPIC) (SAP GUI ) () (RFC/CPIC ) RFC USR_USER_CHANGE_PASSWORD_RFC RFC API RfcOpenEx()
'S'
ITS Web ( SUSR_INTERNET_USERSWITCH
2009JSSAAll right reserved
2009/12 5
)
'L'
"$" SU_REFUSERVARIABLE CUA CUA
3.
A ID ID
: ID:
ID ID
4. RFC
B RFC
RFC
RFC RFC
RFC
2009JSSAAll right reserved
2009/12 6
RFC
5. B ? ?
6. ID
A ID?
ID
SAP SAP
7.
B
USR40
USR40
8.
B
USERS_SSM ID
2009JSSAAll right reserved
2009/12 7
9.
B ID
ID
ID
ID
SU01
10.
A
2009JSSAAll right reserved
2009/12 8
11. A SA38 RSPFPAR RSPARAM
ID
login/disable_multi_gui_login
1 R/3 () SAPGUI
login/failed_user_auto_unlock
1 () 0
A
login/fails_to_session_end
1 ID
A
login/fails_to_user_lock
ID
A
login/min_password_diff
(==> )
A
login/min_password_digits
(0-9) /
A
2009JSSAAll right reserved
2009/12 9
0 8 1
login/min_password_letters
/ 0 - 8
A
login/min_password_specials
/ ( !\@$%&/()=?`*+~#-_.,;:{[]}\\ ) 0 8
A
login/min_password_uppercase
login/password_downwards_compatibility 5 : (A - Z)
A
login/min_password_lowercase
login/password_downwards_compatibility 5 : (a - z)
A
login/min_password_lng
A
login/multi_login_user ID
2009JSSAAll right reserved
2009/12 10
s R/3 ID ()
login/no_automatic_user_sapstar
SAP*
A
login/password_compliance_to_current_policy
0 : 1 : "SERVICE" "SYSTEM" NetWeaver 7.0 (862989)
ID
login/password_expiration_time
0
login/password_max_idle_initial
() "The initial password has expired; request a new one"
login/password_max_idle_productive
""
2009JSSAAll right reserved
2009/12 11
login/password_change_waittime login/password_expiration_time "Password was not used for a long period and therefore deactivated"
login/password_max_new_valid
ID 0 1
rdisp/gui_auto_logout
12.
A (=&A) ( = &B = &A) ( = &B = &A) &B &A
&B &A
A
ID
1
2009JSSAAll right reserved
2009/12 12
RFC/CPIC (Type = &A) RFC/CPIC ( = &B =
&A) &A &B
&A &A &A &A &A
13.
A
ID ID
IID
1
14.
SAP A SAP
2009JSSAAll right reserved
2009/12 13
? DDIC ():
SAP* ():
EARLYWATCH (066):
SAP
RSUSR003
15.
A SAP* ?
ogin/no_automatic_user_sapstar = 1 SAP*
16. SAP_ALL
A SAP_ALL ?
SAP_ALL: SAP_ALL
SAP_ALL
SAP_ALL
SAP_ALL
SAP_ALL
S_BCE_68001395 - SAP_ALL SUIM SAP_ALL
2009JSSAAll right reserved
2009/12 14
17.
A
18.
A ?
?
3
2009JSSAAll right reserved
2009/12 15
19.
A
/ &B / &B / &B &A / &B
20.
ID
A
2009JSSAAll right reserved
2009/12 16
21.
A ?
22.
A
23. SoD SOD
A
ID
2009JSSAAll right reserved
2009/12 17
24.
B OSDBMS
OSDBMS
SAPBITA
25.
OSDBMS
B
SAP
SAPBITA 2
2009JSSAAll right reserved
2009/12 18
26. B ?
SAP DBMS SAP
SAP
DBMS SAP
DBMS ID
1
2
27.
B ?
SAP BIT A
2009JSSAAll right reserved
2009/12 19
Web AS ABAP 7.00 NetWeaver 2004s
: 8 40 40 ( 8 ) Web AS ABAP 7.00 NetWeaver 2004s 8 32 () z login/min_password_lowercase z login/min_password_uppercase z login/password_downwards_compatibility
: ( 5 ) () 5 (login/password_history_size) ( 100 )
( 1)
(: ) login/password_change_waittime (: 1000 )
()
() () login/password_compliance_to_current_policy = 1
() () SERVICE SYSTEM ()
2009JSSAAll right reserved
2009/12 20
() z login/password_max_idle_initial z login/password_max_idle_productive
:
"" (: ) z ": " z " - "
z login/failed_user_auto_unlock : 0 (1 )
z login/fails_to_user_lock : 5 (12 )
5
z login/no_automatic_user_sapstar : 1 (0 )
z login/min_password_lng : 6 (3 ) 6
z login/ticket_expiration_time : 8 (60 ) 8
login/password_max_new_valid login/password_max_reset_valid login/password_max_idle_initial
2009JSSAAll right reserved
2009/12 1
2009JSSAAll right reserved
2009/12 2
N0
1.
A
OS
LAN
1 1
2009JSSAAll right reserved
2009/12 3
N0
SAP
OS
A
A
2.
A
SAP SAP
2009JSSAAll right reserved
2009/12 4
N0
SAP
A
A
A
(1 2 )
24
QA ()
A
3.
A
2009JSSAAll right reserved
2009/12 5
N0
4.
A
2009JSSAAll right reserved
2009/12 6
N0
A
SM36
SM37RZ01 J-SOX
SM35
A
A SAP
5. SAP
A
RZ10
2009JSSAAll right reserved
2009/12 7
N0
TU02
A
A
SAP
SAP
A
SAP
SAP ABAP
SAP
RZ20 SM21 RZ20 and/or SM21 SAP
SM13
ABAP ST22
6. SAP
A
2009JSSAAll right reserved
2009/12 8
N0
A OS
OS SAP ERP UNIX WindowsSAP ERP OS OS OS
OS /
SM69 OS
SM49
A
OS
OS OS
SM69SM49
SM69 OS
7. OS
A
A
SAP ERP
DBA
DB13
DB12
8.
A
2009JSSAAll right reserved
2009/12 9
N0
A
2009JSSAAll right reserved