Cross-system permission comparison

Format for printing
NOTE MARCH 2009

Cross-system permission comparison

There might be several situations where it is a help to compare
the permission settings of two ore more portal environments.
This is a short guide on how to gather the information,
and then how to get the results.

I    Collect data

1. Log on to the portal where you want to analyze the ACL
  [Access control list]  permissions.

2. Go to the address line in your browser
http://<machine>:<port>

which is e.g.

http://t0001367.ecc.if6comp.de:52000

3. there you enter at the end of the above URL the following string

/servlet/prt/portal/prtroot/com.sap.portal.admin.acleditor.listPermissions

So that is looks like this:

http://t0001367.ecc.if6comp.de:52000/irj/servlet/prt/portal/prtroot
/com.sap.portal.admin.acleditor.listPermissions

The ACL [access control list] list will be displayed after a while.


II    ACL List comparison

Take the lists of the two systems you want to compare.

Please copy all content and paste it into a spreadsheet for data clean up.
Clean up the headlines.
Prepare a MS Access® database with two tables like this
 – each three columns:

 

Mark the first line of the table.
 

And paste the cleaned and copied content of the first file into the first table.

Proceed in the same way for the second table.

Now go to menu path Queries – New and select:


 

Select the first table that is to be your reference.

 


Then the second table for comparison:

 

Leave the fields like displayed below.
 


This will allow a field match considering all characteristics.

Select all columns by marking the individual entries and
pushing the arrow button.

 

Select all available fields.

 
 
So that it looks like this:



Name the query:


 

Execute the query.

The result will show entries as for the above examples that are
only available in Sys_I but are missing in Sys_II.
Do not forget to run the query to check what is maybe
in Sys_II and not in Sys_I.

The result list will allow you to check for inconsistencies
in the permission set up of your portal environment.


! NOTE

In case the ACL list shows a button for update of inner ACL
then please push the button:

 

Missing inner ACLs may lead to themes appearing corrupt,
desktop invisibility at logon or a role being invisible to a user that is assigned.
Filename/Title Größe
Note_03_09_cross_system_permission_comparison.pdf 138.45 KB

Posted in Notes 2009 | printer friendly version »