Skip to Content

When SAP GUI installed in a fresh/New System Users will Get a SAP GUI annoys question asking us for permission to allowing SAP GUI (SAP GUI Security Popup )

 

Why we are getting it :

It is because of the “Default Action”, In SAP GUI 7.5 the default values of DefaultAction  is “1” which is ASK as per below screenshot :

You can check it by Going in the Option –>Security –> Security Settings

 

Solution :

Well ! We can avoid this Popup and always allow your decision for each systems using Scripting at SAP GUI packaging level To Avoid that popup .

 

After downloading SAP GUI and Creation of SAP GUI installation server (You can take reference of https://blogs.sap.com/2014/05/29/sapgui-installation-server-part-1-getting-started/)

Create a New Package and select the component which you required in your GUI Package :

 

 

Once your Package is created, Goto your Package Configuration and at below goto “On Installation End” :

 

 

Type the below script and click on Save :

 

If “%WOW64MODE%” = “true” Then
NwEngine.Shell.SetRegValue “HKLM\SOFTWARE\Wow6432Node\SAP\SAPGUI Front\SAP Frontend Server\Security\DefaultAction”, “REG_DWORD”, “0”

Else
NwEngine.Shell.SetRegValue “HKLM\SOFTWARE\SAP\SAPGUI Front\SAP Frontend Server\Security\DefaultAction”, “REG_DWORD”, “0”

End If

 

 

The Above script will disable the Security level popup in WIN64 as well as in WIN32 .

Once the scripting is done, Click on Save and create the Package .

When we run the newly created SAP GUI 7.5 package it will automatically allow user decision for the Security popup and user will not get that popup.  🙂 🙂

 

Note :  the Script for Disabling Security popup is only applicable for HKLM not for HKCU .

To report this post you need to login first.

1 Comment

You must be Logged on to comment or reply to a post.

  1. Frank Krause

    Hi all,

    I would like to comment this blogs from SAP side.

    The approach outlined above is absolutely not recommended, because almost turns off SAP GUI Security center. All actions (not covered by explicit rules defined in SAP GUI) triggered by an SAP System on the Frontend (this could be the execution of a program or the download of a program followed by its execution and many more) will be automatically permitted. This means: If any of the SAP Systems in your landscape should contain a hostile program that executes such an action your users will not be protected at all and an attacker might gain control over the client PCs.

    Rather check the SAP GUI Security guide for information how to customize the saprules.xml file so that actions that are essential for your applications are automatically permitted by SAP GUI:
    https://www.sap.com/documents/2017/07/8ae5660b-c97c-0010-82c7-eda71af511fa.html

    If you do this properly the number of popups presented to the users can be limited to the absolutely mininum required number.

    Best regards,
    Frank

     

    (0) 

Leave a Reply