Submit Search
Upload
Creation of derive roles with secatt
•
0 likes
•
656 views
Roberto B.
Follow
Creacion de roles sap
Read less
Read more
Technology
Report
Share
Report
Share
1 of 30
Download now
Download to read offline
Recommended
SAP BI 7 security concepts
SAP BI 7 security concepts
Siva Pradeep Bolisetti
Day5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
Abap proxies
Abap proxies
szchowdhury
Fiori and S/4 authorizations: What are the biggest challenges, and where do t...
Fiori and S/4 authorizations: What are the biggest challenges, and where do t...
akquinet enterprise solutions GmbH
SAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM Workflows
Rohan Andrews
Oracle Web Adi For upload item master
Oracle Web Adi For upload item master
Ahmed Elshayeb
Secure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with Checkmarx
Salesforce Developers
sap security interview_questions
sap security interview_questions
sumitmsn2
Recommended
SAP BI 7 security concepts
SAP BI 7 security concepts
Siva Pradeep Bolisetti
Day5 R3 Basis Security
Day5 R3 Basis Security
Guang Ying Yuan
Abap proxies
Abap proxies
szchowdhury
Fiori and S/4 authorizations: What are the biggest challenges, and where do t...
Fiori and S/4 authorizations: What are the biggest challenges, and where do t...
akquinet enterprise solutions GmbH
SAP GRC AC 10.1 - ARM Workflows
SAP GRC AC 10.1 - ARM Workflows
Rohan Andrews
Oracle Web Adi For upload item master
Oracle Web Adi For upload item master
Ahmed Elshayeb
Secure Salesforce: Code Scanning with Checkmarx
Secure Salesforce: Code Scanning with Checkmarx
Salesforce Developers
sap security interview_questions
sap security interview_questions
sumitmsn2
How to extend an outbound i doc
How to extend an outbound i doc
rupesh chouhan
SAP: ECR, ECO, BOM
SAP: ECR, ECO, BOM
Natalia Koroleva
SAP Security & GRC Framework
SAP Security & GRC Framework
Harish Sharma
Creating mass users using e_catt
Creating mass users using e_catt
sparten369
Introduction to data migration
Introduction to data migration
Hubert Manduku
Abap proxy
Abap proxy
Ganesh Kumar
Iia los angeles sap security presentation
Iia los angeles sap security presentation
hkodali
Cua setup procedure SAP security
Cua setup procedure SAP security
Siva Pradeep Bolisetti
SAP SD Variant configuration-training-document 2
SAP SD Variant configuration-training-document 2
ramesh Charantimath
Automatic picking configuration in delivery in sap sd
Automatic picking configuration in delivery in sap sd
sarath chandran
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc
hkodali
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
ssuserf6d533
Fiori app for po approval process sap mm
Fiori app for po approval process sap mm
Lokesh Modem
SAP Engineering Change Management(ECM)
SAP Engineering Change Management(ECM)
KMR SOFTWARE SERVICES PVT LTD
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
Introduction to SAP Security
Introduction to SAP Security
Nasir Gondal
sap variant-configuration
sap variant-configuration
Rafael Guzman
Enhancement framework the new way to enhance your abap systems
Enhancement framework the new way to enhance your abap systems
Kranthi Kumar
Sap Security Workshop
Sap Security Workshop
larrymcc
Introduction on sap security
Introduction on sap security
yektek
How to create_an_ecatt
How to create_an_ecatt
Mohammed Azhad
E catt tutorial
E catt tutorial
Naveen Raj
More Related Content
What's hot
How to extend an outbound i doc
How to extend an outbound i doc
rupesh chouhan
SAP: ECR, ECO, BOM
SAP: ECR, ECO, BOM
Natalia Koroleva
SAP Security & GRC Framework
SAP Security & GRC Framework
Harish Sharma
Creating mass users using e_catt
Creating mass users using e_catt
sparten369
Introduction to data migration
Introduction to data migration
Hubert Manduku
Abap proxy
Abap proxy
Ganesh Kumar
Iia los angeles sap security presentation
Iia los angeles sap security presentation
hkodali
Cua setup procedure SAP security
Cua setup procedure SAP security
Siva Pradeep Bolisetti
SAP SD Variant configuration-training-document 2
SAP SD Variant configuration-training-document 2
ramesh Charantimath
Automatic picking configuration in delivery in sap sd
Automatic picking configuration in delivery in sap sd
sarath chandran
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc
hkodali
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
ssuserf6d533
Fiori app for po approval process sap mm
Fiori app for po approval process sap mm
Lokesh Modem
SAP Engineering Change Management(ECM)
SAP Engineering Change Management(ECM)
KMR SOFTWARE SERVICES PVT LTD
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
grconlinetraining
Introduction to SAP Security
Introduction to SAP Security
Nasir Gondal
sap variant-configuration
sap variant-configuration
Rafael Guzman
Enhancement framework the new way to enhance your abap systems
Enhancement framework the new way to enhance your abap systems
Kranthi Kumar
Sap Security Workshop
Sap Security Workshop
larrymcc
Introduction on sap security
Introduction on sap security
yektek
What's hot
(20)
How to extend an outbound i doc
How to extend an outbound i doc
SAP: ECR, ECO, BOM
SAP: ECR, ECO, BOM
SAP Security & GRC Framework
SAP Security & GRC Framework
Creating mass users using e_catt
Creating mass users using e_catt
Introduction to data migration
Introduction to data migration
Abap proxy
Abap proxy
Iia los angeles sap security presentation
Iia los angeles sap security presentation
Cua setup procedure SAP security
Cua setup procedure SAP security
SAP SD Variant configuration-training-document 2
SAP SD Variant configuration-training-document 2
Automatic picking configuration in delivery in sap sd
Automatic picking configuration in delivery in sap sd
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
SAP S_4HANA Migration Cockpit - Deep Dive LTMOM for Direct Transfer.pdf
Fiori app for po approval process sap mm
Fiori app for po approval process sap mm
SAP Engineering Change Management(ECM)
SAP Engineering Change Management(ECM)
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online training
Introduction to SAP Security
Introduction to SAP Security
sap variant-configuration
sap variant-configuration
Enhancement framework the new way to enhance your abap systems
Enhancement framework the new way to enhance your abap systems
Sap Security Workshop
Sap Security Workshop
Introduction on sap security
Introduction on sap security
Similar to Creation of derive roles with secatt
How to create_an_ecatt
How to create_an_ecatt
Mohammed Azhad
E catt tutorial
E catt tutorial
Naveen Raj
Change transport system in SAP
Change transport system in SAP
chinu141
PVS-Studio and Continuous Integration: TeamCity. Analysis of the Open RollerC...
PVS-Studio and Continuous Integration: TeamCity. Analysis of the Open RollerC...
Andrey Karpov
Oopp Lab Work
Oopp Lab Work
Heather Dionne
A step by-step guide on i doc-ale between two sap servers
A step by-step guide on i doc-ale between two sap servers
krishna RK
Building Data Centric Apps in WPF
Building Data Centric Apps in WPF
Frank La Vigne
IBM iSeries Terminal Based Performance Testing with Rational Performance Tester
IBM iSeries Terminal Based Performance Testing with Rational Performance Tester
Winton Winton
Module pool programming
Module pool programming
Subhojit- Opekkhay
Penetration Testing for Easy RM to MP3 Converter Application and Post Exploit
Penetration Testing for Easy RM to MP3 Converter Application and Post Exploit
JongWon Kim
CATS Approval.pdf
CATS Approval.pdf
ssusereb0ae41
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docx
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docx
keturahhazelhurst
PRG 420 Week 3 Individual Assignment Netbeans Project (annual co.docx
PRG 420 Week 3 Individual Assignment Netbeans Project (annual co.docx
harrisonhoward80223
Vb%20 tutorial
Vb%20 tutorial
Satya Prakash
I doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.doc
VERUS BRASIL
Setting up an odi agent
Setting up an odi agent
Dharmaraj Borse
Open sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercises
vikram sukumar
IRJET- Development of Uncrackable Software
IRJET- Development of Uncrackable Software
IRJET Journal
Dot Net Fundamentals
Dot Net Fundamentals
LiquidHub
Step by step lsmw tutorial
Step by step lsmw tutorial
raonivaz
Similar to Creation of derive roles with secatt
(20)
How to create_an_ecatt
How to create_an_ecatt
E catt tutorial
E catt tutorial
Change transport system in SAP
Change transport system in SAP
PVS-Studio and Continuous Integration: TeamCity. Analysis of the Open RollerC...
PVS-Studio and Continuous Integration: TeamCity. Analysis of the Open RollerC...
Oopp Lab Work
Oopp Lab Work
A step by-step guide on i doc-ale between two sap servers
A step by-step guide on i doc-ale between two sap servers
Building Data Centric Apps in WPF
Building Data Centric Apps in WPF
IBM iSeries Terminal Based Performance Testing with Rational Performance Tester
IBM iSeries Terminal Based Performance Testing with Rational Performance Tester
Module pool programming
Module pool programming
Penetration Testing for Easy RM to MP3 Converter Application and Post Exploit
Penetration Testing for Easy RM to MP3 Converter Application and Post Exploit
CATS Approval.pdf
CATS Approval.pdf
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docx
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docx
PRG 420 Week 3 Individual Assignment Netbeans Project (annual co.docx
PRG 420 Week 3 Individual Assignment Netbeans Project (annual co.docx
Vb%20 tutorial
Vb%20 tutorial
I doc packaging and mapping techniques.doc
I doc packaging and mapping techniques.doc
Setting up an odi agent
Setting up an odi agent
Open sap ui51_week_2_unit_3_acdt_exercises
Open sap ui51_week_2_unit_3_acdt_exercises
IRJET- Development of Uncrackable Software
IRJET- Development of Uncrackable Software
Dot Net Fundamentals
Dot Net Fundamentals
Step by step lsmw tutorial
Step by step lsmw tutorial
Recently uploaded
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Memoori
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
2toLead Limited
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
Neo4j
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
Precisely
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
Deakin University
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
MarianaLemus7
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Softradix Technologies
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Alan Dix
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Wonjun Hwang
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
BookNet Canada
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
Recently uploaded
(20)
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Creation of derive roles with secatt
1.
SAP COMMUNITY NETWORK
SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 1 Using e-CATT in Security Works: Creation of Derive roles by using SECATT Applies to: SAP ERP, SAP NetWeaver Application Server ABAP. For more information, visit the Security homepage. Summary This article describes step by step procedure for creating Derive roles from a set of Master Roles in Mass. Derive role creation is basically described here in almost in the same way as creation of single roles by using SECATT. The difference is the maintaining the relationship of Inheritance with the Master roles. Author: Dipanjan Sanpui Company: IBM Global Business Service Created on: 09 May 2010 Author Bio Dipanjan Sanpui has been working in IBM Global Business Working (India) from 2007 as SAP NetWeaver Security Consultant.
2.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 2 Table of Contents Introduction............................................................................................................................................. 3 Creation of Test Script.......................................................................................................................... 4 Creation of Test Configuration ............................................................................................................ 15 Populating the Test Script variable with Data ....................................................................................... 19 Execution of Script to Create the Derive Roles ..................................................................................... 20 Monitoring the Log of e-CATT execution.............................................................................................. 23 Review of Role Data .......................................................................................................................... 25 Related Content .................................................................................................................................... 29 eCATT: extended Computer Aided Test Tool (BC-TWB-TST-ECA) ....................................................... 29 Disclaimer and Liability Notice................................................................................................................ 30
3.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 3 Introduction Creation of e-CATT script and it’s usage is now a widely known feature in automating repetitive works for creating or modifying master data in SAP. Here is one more such example with description of steps for creating Derive roles in mass from a set of Master roles. But we are not going to populate the Organization level values here as the number, set and order of Organization level values varies to great extent for a new set of Derive roles built from scratch. As an example, I have shown the creation of Derive roles for the process area PTD (procure to demand) for an Implementation project I am currently working on. e-CATT involves two steps for creating the script to create the roles. They are as follows: 1. Creation of Test Script 2. Creation of Test Configuration e-CATT stands for Extended Computer Aided Test Tool and the Transaction code is SECATT. To use e- CATT to automate the repetitive steps of same transactions first we need to create a Test Script. Note: Before I start describing the steps I would like to make this clear that e-CATT Scripts are not something need to be manually coded in ABAP. Rather it can be seen as a configuration type of job. So, anyone thinks where the coding is for this Z-scripts, can get the assurance of zero coding effort for these scripts which can be used multiple times in multiple SAP systems.
4.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 4 Creation of Test Script Go to Transaction SECATT. Put a name of the Test script (here Z_CREATE_DERIVE_ROLE) in the field “Test Script”, select the radio button beside it and then click create. The create selection will take to the next screen as shown below. Here under Attribute tab you need to put the following details: Title of the Test Script – this is basically the Text descriptio Component – this field holds the unique id of the application component under which the TCode in consideration falls.
5.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 5 The component need to be selected by pressing the F4 key i.e. by using the selection help. In our case, the creation of derive tole falls under the sub component “Authorization and Role Management” which is within the node BC-SEC (Security). After selecting the Component, click on the button “Pattern” on the Application Toolbar in between “Stop” and Pretty Printer. It will pop up a new window where you need to select the following details from the drop down:
6.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 6 Group: UI Control Command: TCD (Record) Transaction: PFCG Interface: this field will get populated automatically after you put the transaction code and press enter. Interface is PFCG_1 Select on the green right icon and you will get a message to confirm the data you selected. Check Yes to continue. Now you will be taken to the TCode PFCG to perform the desired tak you want to automate. Create a derive role from the respective Master role. e-CATT will capture each screen and operation on it while creating role together with the input data and instructions (role name, text, master role name, copy of authorization data from master role, generation of role etc.) given by users. After saving the role, click on the green “Back” arrow. Note: Since this article is not meant for role creation process so I am keeping them apart as it is a well known parctice for SAP Security practioners as this article is not for beginners. You will be asked for the confirmation whether the data captured can be transferred to Test Script or not. Select Yes and Next you will see the following screen.
7.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 7 In this screen you will get the TCode and it’s interface inside of the “Editor” tab. Double click on the Interface. Here the Interface for PFCG is PFCG_1. Double clicking on PFCG_1 will open a spit screen just by the right side of this window frame. We need to navigate thoruhg various screens just recorded to replace the fixed values entered during the recording with a generic input which will serve the purpose of a variable. The process is described below: Go to the node “DYNPRO MODE PROG DYNR” inside of “Command Interface PFCG_1”. Open each of the nodes within the DYNPRO menu node marked with serial numbers 1, 2, 3, etc. The node below this level contains the values need to be replaced. Double click on the last row which contains the: FIELD MODE NAME VALIN VALOUT After double clicking on this level, a split screen will appear on the right hand side which shows the columns where the input values used during recording are visible.
8.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 8 The row level selected in the below picture is the section where you need to double click to get the right hand side pane. The right side pane will show the role name used as the Derive role in the VALIN column. All Input values will appear in the VALIN column. Remove the role name provide durig the creatio of role while recording and replace with a genric value. Here the Derive role name i.e. AGR_NAME_NEU in VALIN column has been relaced by DER_ROLE.
9.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 9 Press eneter. A window will pop up for the confirmation if you want to Create the parameter DER_NAME. The default parameter type will be Local. Change it to “Import” and click on Yes. The new value for the Derive role has been defined as a variable DER_NAME. Same steps need to be performed for all the other DYNPROs in the last row of each node as described above. Following Data was used during the creation of the role: 1. Parent Role Name from which the Derive was derived 2. Derive Role Name 3. Derive Role Text 4. Transaction Codes in Role Menu adopted in the Derive role from the Parent role’s menu Please see some of them below.
10.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 10 Notes: Please remember to change the parameter type from Local to Import whenever prompted (after chaging a recorded value with a variable and then presseing eneter).
11.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 11 Note: Do remember to erase any previously filled values while recording your steps otherwise they will appear in the VALOUT column and you won’t be able to give them variable names)*This is done by opening the Dynpro menu and double click on the last row that contains Field, Mode, Name etc. columns. We need to enter variable names in place of those values which we have entered manually.
12.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 12 Please note that after changing each of these values and parameterizing these values the icon beside the respective row as well as at DYNPRO line are changed.
13.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 13 Note: The column called “Parameter” represents the Column heading of the input file where you need to put the corresponding entries under it as described later in this article. The header YZ is representing any TCodes going to be added in the derive role menu from the parent role during the adoption of the same. After changing all manual input and defining the variable you need to save. Save it as Local Object. Note: If you want to Transport the Test Script and use in other system, then you can assign it to a Development class instead of Local Object.
14.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 14 The Test Script is saved with a confirmation message at the bottom. Go back. After creating the Test Script, we need to create the “Test Configuration”.
15.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 15 Creation of Test Configuration In the screen of SECATT transaction, select the Test Configuration button and put a name (here Z_CREATE_DERIVE_ROLE) and click on Create icon. The next screen appears is the General Data tab inside Attribute. Provide a Text description and the Compoenent name as shown in the above picture.
16.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 16 Note: If you select only BC-SEC then it would be more general if you are not sure of the granularity of this. Then go to configuration tab. Here you need to put the name of the Test Scrpt created in the previuos section. After assigning the Test Script name, click on the download icon on the Application toolbar. You will prompted to save the file in a destination at your Local PC. The default directory will be the SapWorkDir (as shown in the above picture as the pop up screen). File extention is and has to be “*.txt”. Save the file in the location as per your choice (if you want to select a different path).
17.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 17 As you click the save button, a system message appears to confirm the Reference to Test Data resolution. Choose yes and continue. At bottom, the message shows the successful download of the variant. To check the variant downloaded, go to the Variant tab. Here you will be able to see the variant you downloaded with the Input columns which are need to populated during the execution of the script for creating data. The external path is also evident here which states from where system reads the filled up file to execute the operation.
18.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 18 The default Mode is Internal variable. To use the upload function from your local pc with the manually maintained data in the file which will be used to create the data, you need to change the mode from Internal Variable to External Variable. Put the file name in the File field. Save it. The message for successful completion of appears at bottom.
19.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 19 Go Back. Populating the Test Script variable with Data After Creation of Test Script and configuring it for using from local pc, we need to populate the data in the downloaded file saved in the local PC. Go to the directory where you saved the file. Open the file with spreadsheet solution (MS Excel). Here you can see the columns where you can then populate the data. In this example, we have the following columns to populate: XY, YZ, PARENT_ROLE, DERIVE_ROLE_TEXT, DER_ROLE. The fields XY and YZ are represnting two Organization level fields here.
20.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 20 Note: I would suggest not to assign or maintain the organization Levels during this process as the number, type of Organization Levels may vary in different roles to great extent. So, populating the Org. level fields while creating the Derive roles can create erronious entries. Save the file after putting all data in the orginial extention (.txt). Execution of Script to Create the Derive Roles Go to transaction SECATT Select the Test Configuration with the name of the Test configuration Execute You will be prompted to select the Error behavior and Debugging mode. Also you can choose whether you want to keep a log for the execution to review the errors and their details.
21.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 21 Inside of the Variants tab, you will be able to see the link to the file you are going to use the Input. Within the UI (user interface) Control tab you need to select Start mode, SAP GUI behavior, Processing mode, Error mode for SAP GUI.
22.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 22 The Start mode should be “N Background Processing”. You can select the option “Save Screenshots” to collect the screen shots of errors In case of error to analyze it with more detail view. The screenshot view path is also available to manage. Breakpoint is another tab where you can put a script and select if you want it to be Inactive (for a particular version) if you have a more updated version with the same file name.
23.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 23 Monitoring the Log of e-CATT execution After execution is completed, the log screen appears with the type errors. In the below screen we can see the errors with the Role name length issue. If you select the option for Error behavior to continue with processing even if any error occurs, then you will be able to see the error details after a complete execution of the script. Clicking on the Test Configuration will take you to the Test configuration screen where you can check if you have enetered correct version or name of test script in the Test Configuration or not.
24.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 24 Without expantion, you can see the high level view of the errors from the color legend. Go back after the error analysis.
25.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 25 Review of Role Data From the AGR tables, you can verify the newly created roles and their input data. 1. AGR_DEFINE: You can see the high level overview of the role, text, number of roles created. May download for better analysis with the Input data in excel format.
26.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 26 2. AGR_PROF: Successful generation of profiles for each derive role. Other tables you may want to verify are as follows: 3. AGR_1251 4. AGR_1252 If you want to check the log at later time, you can do it in the following way: Go to SECATT transaction click on “Goto” Logs
27.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 27 Put the time frame, user id (executed the script) and execute. Select the relevant log you want to analyze again. (Clicking on the Log “Activity No.” will directly open up the log). If you want to download it in you pc, first you go to the print preview and then download it.
28.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 28 The downloaded (in html format) error log is shown below.
29.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 29 Related Content https://www.sdn.sap.com/irj/sdn/ecatt eCATT: extended Computer Aided Test Tool (BC-TWB-TST-ECA) eCATT (wiki link). For more information, visit the Security homepage
30.
Using e-CATT in
SecurityWorks: Creation of Derive roles by using SECATT SAP COMMUNITY NETWORK SDN - sdn.sap.com | BPX - bpx.sap.com | BOC - boc.sap.com | UAC - uac.sap.com © 2010 SAP AG 30 Disclaimer and Liability Notice This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade. SAPw ill not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document, and anyone using these methods does so at his/her own risk. SAP offers no guarantees and assumes no responsibility or liability of any typew ith respect to the content of this technical article or code sample, including any liability resulting from incompatibility betw een the content within this document and the materials and services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable w ith respect to the content of this document.
Download now