Search
Close this search box.

The new Features of XAMS with Service Pack 19

Once again this year, with the XAMS Support Package 19, there are innovations surrounding the Xiting Authorization Management Suite (XAMS). Taking into account our experiences from various projects and the feedback from our customers, the developers at Xiting have implemented a multitude of new functions.

This blog post sheds light on some of the new features that have been implemented as part of Service Pack 19 to give you an insight into the changes that have been made.

Simplified License Analysis with XAMS

In today’s world, the topic of user licenses is more relevant than ever, and many SAP customers are facing the challenge of dealing with the current changes and innovations in license management, especially in the context of S/4HANA migrations.

For this reason, the existing tools for license analysis have been expanded and optimized with XAMS Service Pack 19. These improvements now allow for a detailed analysis of users, taking into account the ST03N statistical data and the assigned roles.

These innovations provide SAP customers with an efficient solution to analyze their user licenses and determine the licensing requirements within the scope of S/4HANA.

Figure 1: License analysis in Role Designer

To delve deeper into this exciting topic, we offer a live webinar for customers and interested parties. The session includes a live demo as well as the opportunity for you to ask your individual questions to our experts.

Even More Extensive Virtual Role Management

In customer projects, the Role Designer proves to be an extremely useful virtual role management tool. Over the years, additional features have been continuously integrated to facilitate the virtual management of users and roles. With Service Pack 19, features from the Coverage Analyzer have been integrated. This integration now allows for the display of the amount of data collected from Productive Test Simulations (PTS) in the project and direct navigation to the Coverage Analyzer.

A significant development related to Fiori applications was the introduction of the Fiori App Tracker with Service Pack 18. The functionalities of this tool have now been integrated into the Role Designer with the new Service Pack. This allows for the display of the apps used in the usage statistics. This integration improves efficiency in role creation based on the “need-to-know” principle and provides users with a comprehensive overview of application activities.

Simplified Management of UIAD Applications

XAMS SP19 not only offers the aforementioned integration of the Fiori App Tracker into the Role Designer but also additional functions related to Fiori that are available in other XAMS modules. For example, the mass processing tools in the Role Replicator have been adjusted, expanded, and made more user-friendly:

Constraints regarding the semantic object and action during the mass creation of UIAD applications have been removed with SP19. This now allows for complete flexibility in the creation of Fiori-related transactions.

Would you like to gain further insights into this topic and experience the Role Replicator in XAMS live in a demo? Then sign up for this special webinar marking the release of the new Service Pack 19:

Efficient Adjustment of Authorizations

In conjunction with the Xiting Times module, the Role Builder offers a revolutionary way of testing new authorizations in redesign projects with the Productive Test Simulation (PTS). Here, end users are allowed to continue working with their old roles while the new roles are indirectly provided in the “backpack”. Whenever a authorization check is performed, it is first done against the new roles in the “backpack” and if necessary, in the second step against the currently assigned role. While end users are not affected by these “virtual” authorization errors, role administrators can use them to optimize the new role in the “backpack”.

To make optimization more efficient, a function requested by many of our customers is available with SP19: It is now possible to adjust authorizations of a role directly via the Role Builder Coverage Analyzer:

Figure 2: Evaluation and adjustment of test data in the Role Builder Coverage Analyzer

The evaluation of Fiori Logs in Xiting Times has also been made clearer and user-friendly. We now find detailed information on Xiting Times sessions:

Figure 3: Fiori Logs in Xiting Times

Centralized Interface and Automated Validation in XAMS CRAF

The XAMS Critical Authorization Framework (CRAF) provides companies with an integrated tool for analyzing critical authorizations and function separation conflicts (SoDs). Ad-hoc analyses offer a quick insight into the critical authorizations of existing roles and/or users.

Significant adjustments have been made with SP19: The selection criteria can now be defined more comprehensively, and the check can be executed in the background in the CRAF Ad-hoc Check. There is no longer a need to switch back and forth between Role Profiler and Security Architect (e.g., for risk analysis via background processing or for exporting results). This integration allows the CRAF Ad-hoc Check to be used as the central entry point for risk analysis in the future. All functionalities for risk analysis are now consolidated under one menu node.

Furthermore, a new function allows for the validation of critical authorization and combination IDs against applications: Results that are critical on an object level (e.g., S_USER_GRP with ACTVT 06) can be displayed as “False Positive” if the user is not authorized for the corresponding application (in this example, transaction “SU01 – User Maintenance”). The validation also supports the analysis of authorizations for accessing Fiori apps. This enables comprehensive checking of functional as well as application-related (i.e., transaction, Web Dynpro, Fiori App, etc.) authorizations. An existing rule set in XAMS CRAF can be easily extended for this purpose.


With the Check Mode in Security Architect, you can check the current state of your systems against the defined target state in the document.

Two new checks are introduced in SP19 in the Security Architect: It is now possible to check the validity of all PSE certificates and to view role changes by unauthorized users. For all checks, there is now also the option to specify the email address of a responsible person in the email customization depending on the check ID, system, and client. Furthermore, the System Check Tool has also been expanded to include CRAF checks in the evaluation and to select various systems for ST03N evaluations.

Since its initial introduction with SP17, the SIEM Connector has also been continuously developed. A new monitoring tool is now available, which displays the last 1000 alerts already on the SAP central system. This is especially helpful for monitoring log extraction and identifying potential operational issues. A Debug Mode is available with SP19 to provide detailed information about the behavior of the SIEM background job, which is helpful for troubleshooting and resolution. Furthermore, the customization of the email adapter has been expanded and optimized.

In summary, it can be said that great innovations have been developed with SP19 in XAMS as well. For an application-oriented insight into the new features, you can participate in our new Use Case Webinars. The focus here is on license analysis using XAMS, as well as the mass creation of Fiori applications.

Would you like to experience the new SP19 features live?

Karin Fertich
Latest posts by Karin Fertich (see all)
Contact

Get in touch with us!

Do you have questions about our products?

+41 43 422 8803
[email protected]
+49 7656 8999 002
[email protected]
+1 855 594 84 64
[email protected]
+44 1454 838 785
[email protected]
Contact
Webinars

Attend our live webinars and learn more from our experts about SAP authorizations, XAMS, SAP IDM and many other topics in the context of SAP security.

Register now