Skip to Content

Support Pack installation and Security - - ?

Friends,

We are going through a Support Pack installation not Version Upgrade

What is the usual security practice during support pack installation?

As per my previous experience,

Security is not involved in support pack installation until there is an authorization issue during testing and we just fixed authorization issues(If they arise) when required

Version upgrade is when we really used the SU25 utility and regenerated all the roles and tested them.

Please advice on what you all do during Support Pack Installation

Thanks in advance

LK

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

5 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Oct 14, 2010 at 03:52 PM

    You are on right track. Support pack installation do not impact "roles and authorisations".

    If you are in doubt, run "side effect" report and go applicable notes.

    Regards,

    Krishna

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Oct 14, 2010 at 04:13 PM

    Hi

    You can check the security guide of your product version. The security guide of SAP products are always updated according with the SP level installed.

    You can check the changelog of your SP level in the security guide to check what changed.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Oct 14, 2010 at 05:12 PM

    There are several places where the security personnel would be involved in a support pack installation:

    1. Security related notes (fixes to security functionality)

    2. Functional related notes with security implications (such as updating authorizational requirements)

    3. Changes or enhancements to functionality

    4. Security support for the implementation

    Personally, I pull a list of everything in the support pack and go through anything that is specifically listed as security and then spot check everything else. Anything I find, I personally test before releasing it out for regular unit test or UAT.

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Oct 15, 2010 at 05:54 AM

    Hi JK,

    Good Practice to apply Support Packages is , don't apply them directly to PRD Server because there can be some negative effects.

    There are some points which you should keep in mind before applying SPs:

    1. Offline database backup.

    2. NT State backup

    3. USR Folder backup

    4. Check open transport Request

    5. Client checking

    6. Checking updates

    7. Lock users on all clients for a specific server.

    8. SC06- Change components from non-modifiable to modifiable.

    While applying SPs we must have a strong ABAP + Functional team.

    Thanks & Regards

    Disha Gupta

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Oct 15, 2010 at 07:57 AM

    Hi,

    also if you 'only' apply supportpackages, SU25 is advisable!

    b.rgds, Bernhard

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.