Login System Profile paramenter for SAP Security:
Here
is a set of system profile parameter required for SAP security and it will
enhance the protection and we can have control over SAP login and below profile
parameters are useful to implement SAP security in your landscape.
This is a 1st set of profile parameters and i will post next set of system profile paramter which is required for Basis and Security in upcoming post.
Profile parameter
|
Description
|
Default value
|
Recommended value
|
login/min_password_lng
|
Minimum password length for
user password
|
3
|
3
|
login/password_expiration_time
|
Number of days between
forced password change
|
0
|
90
|
Login/fails_to_session_end
|
Number of invalid logon
attempts allowed before the SAP GUI is disconnected
|
3
|
3
|
Login/fails_to_user_lock
|
Number of invalid logon
attempts within a day before the user id is automatically locked by the
system
|
12
|
5
|
rdisp/gui_auto_logout
|
Time, in seconds, that
SAPGUI is automatically disconnected because of in-activity
|
0
|
30
|
Auth/test_mode
|
Switch to report RSUSR400
for authority check
|
N
|
N
|
Auth/system_access_check_off
|
Switch off automatic
authority check
|
N
|
N
|
Auth/no_check_in_some_cases
|
Special authorization
checks turned off by customer
|
N
|
Y
|
Login/ext_security
|
Security access controlled
by external software
|
N
|
N
|
Auth/rfc_authority_check
|
Permission for remote
function calls from within ABAP programs
|
0
|
1
|
Login/failed_user_auto_unlock
|
Disable system function for
automatic unlock of users at midnight
|
0
|
1
|
Login/no_automatic_user_sapstar
|
Disable ability to logon as
SAP* with PASS of password when SAP* deleted
|
0
|
1
|
Auth/no_check_on_tcode
|
Disable check of S_TCODE on
non-basis transactions
|
N
|
N
|
Auth/auth_number_in_userbuffer
|
Number of authorizations
allowed in the user buffer
|
800
|
1000
|
Auth/authorization_trace
|
Every trace will be logged
once in table USOBX
|
N
|
N
|
Auth/check_value_write_on
|
Write value for SU53
security checking/authorization failure
|
Y
|
Y
|
Hope this document is helpful to you.
No comments:
Post a Comment
Note: only a member of this blog may post a comment.