Protect4S - VM User Guide
  • Protect4S - VM User Guide
  • Introduction
    • Quick setup
    • Support
    • Protect4S VM place in SAP system landscape
  • Pre-conditions and installation
    • Supported operating system and database types
    • Software version requirements
    • Recommendations
    • Heterogeneous database connections
  • Protect4S VM Software Installation
    • Add-On Installation, import support packages and upgrade
    • Installation post-processing
  • Create Protect4S VM users and roles
    • Distribution of satellite roles
    • satellite system ABAP RFC user using wizard
    • satellite system ABAP RFC user MANUAL SETUP
    • satellite system JAVA user
    • satellite system database user
    • satellite system operating system user
    • Operating system user other than <sid>adm
    • Satellite system BusinessObjects user
  • Check and set Application settings
  • Protect4S VM Menu
  • Execute the Quick setup
    • Company
    • Systems
      • Creating an ABAP system
      • Creating a JAVA system
      • Creating a BusinessObjects BI system
      • Creating a HANA standalone system
      • Creating a SAP Web Dispatcher system
      • Creating a SAProuter system
      • Creating a SAP Cloud Connector system
      • SAPControl security settings
  • Create a project
    • New project
    • New Scan
  • Check Template
  • Contact persons and Scan subscription
    • Contact persons
    • Scan subscriptions
  • Reports
    • Scan result
    • Scan results information
    • System tab
    • Company tab
    • Scan statistics tab
    • Check overview
    • Risk history
    • Scan statistics
    • Scan export
    • Mitigation report
    • Scan comparison
    • Management overview
    • Connection map
  • Mitigation of Vulnerabilities
    • Mitigation menu
  • Check exemptions
  • SIEM Interface
  • Integration
    • Incident Management
  • Information and support
    • Welcome menu
    • Product information
    • Check information
    • Change log
    • User Guide
    • Report a software defect
    • Feature request
  • Deinstallation
  • Appendix A: Troubleshooting Satellite System connection issues
    • SAPControl connections
    • Database connection
    • JAVA connection
    • HTTPS certificate errors
  • Appendix B: Installation database libraries
    • IBM DB2
    • MSSQL
    • MaxDB
    • Oracle
    • SAP Sybase
    • SAP HANA
  • Appendix C: satellite system Communication Ports
  • Appendix D: Protect4S VM SICF Services
  • Appendix E: using a server group
  • Appendix F System context
  • Appendix G DNS resolving
  • Appendix H Dump in Scan subsciptions
  • Appendix I HTTPURLLOC table
  • Appendix J - Risk Matrix
  • Appendix K - Short dump function module "PFL_GET_SINGLE_PARAMETER" not found
  • FAQs
    • General
    • Installation
    • Configuration
    • Projects and scans
  • Contact us
Powered by GitBook
On this page

Was this helpful?

  1. Create Protect4S VM users and roles

satellite system ABAP RFC user MANUAL SETUP

Previoussatellite system ABAP RFC user using wizardNextsatellite system JAVA user

Last updated 2 years ago

Was this helpful?

A dedicated SAP User must be created (of user type "SYSTEM") in all applicable clients of the satellite system and provided with the role ESEC_SA_SATELLITE that is delivered as part of the installation. This role only grants the rights to execute the security checks but not to change data. The role must be downloaded from the Protect4S system using transaction PFCG and uploaded in the satellite system.

For short term assessments also limit the validity period of the user to the period of the assessment. This can be set on the LOGON DATA tab.

Users in Development satellite systems that are used for mitigation of OSS Notes and have the role ESEC_SA_SATELLITE_MITIGATE, should be created as user type "SERVICE". When executing mitigations on a S/4HANA system, in addition to the ESEC_SA_SATELLITE_MITIGATE role, you also need to add the role ESEC_SA_SATELLITE_MITIGATE_S4 for a delta of additional S/4HANA authorizations.

Make sure that both the background user in the Protect4S system and the Protect4S VM RFC users in the satellite systems have the same date-format settings so that date and time calculations are executed correctly. Also set the Logon Language to "EN".

This must be configured using transaction SU01 on the DEFAULTS tab and set as displayed in the figure below: