Quarterly Tasks

&KDSWHU 6FKHGXOHG4XDUWHUO\7DVNV

&RQWHQWV The R/3 System .......................................................................................................7–2 Database ..................................................................................................................7–3 Operating System ...................................................................................................7–3 Other.........................................................................................................................7–4 Notes ........................................................................................................................7–4

System Administration Made Easy

7–1

Chapter 7: Scheduled Quarterly Tasks The R/3 System

7KH56\VWHP System: __________ Date: ____/____/____ Admin: _____________________ Task

Transaction

Chapter Procedure

Archive quarterly backup

Security review

Review scheduled jobs

7–2

Check off/Initial

Send quarter-end backup tapes to long-term offsite storage. SU01—User Maintenance

12

Review user ID for terminated users that should be locked or deleted.

SM31—Table Maintenance

19

Review list of “prohibited” passwords (Table USR40).

RZ10—Edit System Profile

20

Review system profile parameters for password standards.

SM37— Background Jobs

16

Review all scheduled jobs to determine if they are still appropriate.

Release 4.6A/B

Chapter 7: Scheduled Quarterly Tasks Database

'DWDEDVH Task

Where

Archive quarterly backup

Review all scheduled jobs

SM37

Test database recovery process

Chapter

Procedure

3

Send quarter-end backup tape to longterm offsite storage.

16

Review all scheduled jobs to determine if they are still appropriate.

2&3

Restore database to a test server.

Check off/Initial

Test the restored database.

2SHUDWLQJ6\VWHP Task

Where

Archive quarterly backup

Archive old transport files.

Transport directories; log, data, cofiles

Cleanup SAPDBA logs (Oracle)

SAPDBA cleanup

System Administration Made Easy

Chapter

Procedure

3

Send quarter-end backup tape to longterm offsite storage.

15

Archive the old transport files.

Check off/Initial

Maintain init<SID>.dba

7–3

Chapter 7: Scheduled Quarterly Tasks Other

2WKHU Task

Where

Procedure

Check maintenance contacts

Check off/Initial

Check for expiration date. Check for usage changes.

1RWHV Problem

Action

Resolution

In chapters 4-8, we have included a list of transactions like the ones below. This list contains basic information about the transactions in the checklist. For additional information on these transactions, see the chapter referenced in each checklist.

(GLW6\VWHP3URILOH3DUDPHWHUV7UDQVDFWLRQ5=  :KDW

There are security parameters for the user’s password (for example, the minimum password length, the time interval that the user must change their password, and so on). The following is a list of the most important password parameters:

7–4

<

Minimum password length: login/min_password_lng A longer password is more difficult to break or guess. ΠThe standard for many companies is five (5) characters.

<

Password expiration time: login/password_expiration_time This is the length of time before the user must change their password. ΠThe length of time that auditors recommend is thirty (30) days. ΠThe maximum that should be used is ninety (90) days.

<

Password lockout: login/fails_to_user_lock This parameter locks out users after attempting to log in with an invalid password for a defined number of times. ΠThe standard is to lock a user after three (3) failed attempts. Release 4.6A/B

Chapter 7: Scheduled Quarterly Tasks Notes

:K\

Properly assigned parameters will make it more difficult to break into the system.

6HOHFW%DFNJURXQG-REV7UDQVDFWLRQ60  :KDW

Background jobs are batch jobs scheduled to run at specific times during the day. :K\

If you are running critical jobs, you need to know if the job failed because there may be other processes, activities, or tasks that are dependent on these jobs.

8VHU0DLQWHQDQFH7UDQVDFWLRQ68  :KDW

The lock/unlock function is part of the logon check, which allows or prevents the user from logging onto the R/3 System. For terminated users, the user’s ID should be locked and the user assigned to the user group “term.” :K\

<

Locking a user If an employee leaves the company, is assigned to a different group, or is on leave, their R/3 access should be removed. With the lock function, the user’s ID and security profile remain on the system but the user cannot log on. This function is ideal for temporary personnel or consultants where, unless the access is required, the user ID remains locked.

<

Unlocking a user If users incorrectly log on more that the allowed number of times, they are automatically locked out of the system. (An incorrect logon is usually the result of a forgotten password.) The administrator must unlock the user ID and more than likely reset the user’s password.

System Administration Made Easy

7–5

Chapter 7: Scheduled Quarterly Tasks Notes

7–6

Release 4.6A/B