Skip to Content
Author's profile photo Wolf Hengevoss

How to Grant Full Read-Permission Without Change Permission in the SAP NetWeaver System Landscape Directory (SLD)

Using a Support User to Grant “Read All, Change Nothing” Access Rights to SLD Systems

The System Landscape Directory (SLD) of the SAP NetWeaver is a central provider of information on software and systems and SLD data is critical to many processes, so you need to protect it. In some cases, however, it is necessary that a person can see all SLD data – including those used by the SLD administrator – but need not change them: Often, this is the case when it comes to issues requiring support, so for this use case, a specific support role is available, sparing you the risk that might be caused by assigning an administrator user.

Steps to Create a Support User

Creating a SUPPORT User

 

Allow display of all SLD data without change permission

 

Open the user maintenance:

– Open the AS Java start page
– Choose the
User Management.

User Management

 

Create a new user:

– Choose Create User.

Create User

Enter the user’s data:

Logon ID for example = SLD_SUPPORT

– Enter a password

Choose Assign Groups

User data

Assign a Group to user SLD_SUPPORT:

– Filter for and choose Group = SAP_SLD_SUPPORT
(this grants full read rights).

– Choose Add.

Save your settings.

Assigned group

Result

The newly created user will be able to see all SLD data but not allowed to change them.

Additional Information

Additional Information on the SLD is available on the SDN under quick link nw-sld (System Landscape Directory (SLD))

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.