Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

INDIRECT SAP system usage

Former Member
0 Kudos

Hello guru's,

what are good indicators for INDIRECT SAP system usage?

(E.g. an application interfaced with SAP --> Reason: all users of this application should also be licensed for SAP usage)

I thought of the following:

  • Generic User ID's

  • Users having (used) the objects S_RFC(ACL) in their authorization profiles

  • Table USR41_MLD (in combination with parameter for allowed number of session)

Any others?

Thx!

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Kraell

You can even consider external users / remote login users / RFC trusted users / internet users(who do not belong to SAP license

http://help.sap.com/saphelp_nw04/helpdata/en/66/105f408e631059e10000000a155106/content.htm

http://help.sap.com/saphelp_40b/helpdata/fr/38/174b6e5733d1118b3f0060b03ca329/content.htm

Thanks,

Sri

3 REPLIES 3

Former Member
0 Kudos

Hi I joined the group recently saw your open question :

Here is what I found for your question , this statement is in the SAP system measurement guide, look at the latest version

SAP has new transaction called SLAW.., USMM etc......

Indirect System access means that the user is communicating with

a system upstream from the SAP software that transfers

communication activities to the SAP software installation or

otherwise accesses the SAP software or uses its functions. In

particular, the following are examples of indirect use:

u2022 Users in an upstream system enter or make data available that

is transferred to, or interacts with, the SAP software u2013 for

example, order entry in a mobile system, or users of a portal

to the extent that they use functions of the software.

u2022 Users operate non-SAP software to access data that is read,

modified, or stored using SAP software and for which they use

SAP programs such as the BAPI® programming interface,

remote function calls (RFC), or transaction calls.

0 Kudos

If you copy&paste from somewhere please quote the source...

Another option is analyzing the transaction data in the system and application logs.

There are lots of little clues which it leaves behind, but system interfaces and services are also an intended feature.

The Rolls-Royce solution is to authenticate all users transparently through from the frontend components (perhaps their iris would hurt if shared?) to the backend systems. Then you have a good chance to prevent misuse but will meet many challenges

Cheers,

Julius

Former Member
0 Kudos

Kraell

You can even consider external users / remote login users / RFC trusted users / internet users(who do not belong to SAP license

http://help.sap.com/saphelp_nw04/helpdata/en/66/105f408e631059e10000000a155106/content.htm

http://help.sap.com/saphelp_40b/helpdata/fr/38/174b6e5733d1118b3f0060b03ca329/content.htm

Thanks,

Sri