Skip to Content
avatar image
Former Member

DDIC and changing ownership of Jobs

Goodmorning experts,

I have a question about DDIC user . We use the Security audit log for the DDIC user in our R/3 Productive systems and the logs are very long because the all the filters are enabled . They are required by the auditors so we cant deactivate them.

To make the generated reports smaller , we thought of changing owner in some jobs where the DDIC is the default user . The list of the jobs is :

RDDDIC3L

RDDDIS0L

RDDEXECL

RDDFDBCK

RDDIMPDP

RDDMASGL

RDDMNTAB

RDDVERSL

SAP_APPLICATION_STAT_COLLECTOR

SAP_CCMS_MONI_BATCH_DP

SAP_REORG_PRIPARAMS

SAP_REORG_XMILOG

SDB_MONITORING_DATA_AUTO_ACTIONS

I will not touch the jobs in the 000 clients , i am talking only in the productive systems.

Is there any other solution about making the audit logs smaller ? Or should i proceed with changing some jobs on a user with the same authorizations like the DDIC , although it is not recommended ?

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Nov 04, 2008 at 08:32 AM

    Very good idea.

    Create a SYSTEM type user with specific authority for those "basis jobs" only (so that they are not worth logging for all events) and schedule them under that user ID.

    You can do the same in client 000 as well, and then trim DDIC's authority and secure it in a user group until the next upgrade (which is what DDIC was intended for - but then some bright spark hardcoded the ID into a few other programs... but those have all been removed now, to my knowledge).

    Cheers,

    Julius

    Add comment
    10|10000 characters needed characters exceeded