These pages describe different used cases of Configuration Validation in detail.
Where can I find Configuration Validation?
Configuration Validation can be found in the Work Center Change Management in Related Links. You can start Solution Manager Work Center either via direct URL link or via the transaction SM_WORKCENTER from the SAP GUI.
Starting with SAP Solution Manager 7.1 SP05 Configuration Validation is also part of the RCA Workcenter.
Is there a training for Configuration Validation available?
Yes, you can participate in an Expert Guided Implementation session which is offered by the SAP Enterprise Support Academy.
Goto SAP Enterprise Support Academy in SAP Enterprise Support and start the course catalog with link "Register for upcoming EGIs" and search for the course using pattern "Configuration Validation". Within the catalog entry expand "View Course Dates" to display the upcoming course dates.
Introducing Change Diagnostics Capabilities
This link introduces the change diagnostics capabilities in SAP Solution Manager 7.10.
It comprises the following applications:
- Change Reporting
- E2E Change Analysis
- Configuration Validation
Change Diagnostics Intro
Configuration Validation in SAP Solution Manager 7.2
There are demos available recorded for the Meet the Expert program of the SAP Enterprise Support Academy (SAP Service Marketplace s-user required).
Go to the SAP Enterprise Support Academy in "View By Delivery Format" choose "Meet The Expert (MTE)" which opens the SAP Enterprise Support Academy - Learning Studio.
Within the Learning Studio in "Delivery Method" check: Meet the Expert - Replay Libray. Then search the catalog using: Configuration Validation.
4 recordings are available
- Configuration Validation for Security
- SAP Enterprise Support – Security Configuration Validation
- SAP Solution Manager 7.1: Configuration Validation
- SAP Solution Manager Security Dashboard ( for this one search for: Security Dashboard)
Another good recording is that one from TechEd 2013 Security Control Center by SAP Active Global Support
Introducing the Report Directory
This page describes the use of the report directory of the Configuration Validation to explore Configuration Items, e.g. ABAP transport requests. The Configuration and Change database (setup via RCA setup) collects for each technical system of type ABAP the import history of transports starting with the setup day. A config store called ABAP_TRANSPORTS contains the recorded transports.
Configuration Validation Special Features
This page describes the use of Configuration Validation using special customizing and features:
- Selective read of data and filtering
- Using outdated Config Stores
- Validation of instance or node type dependent Config Stores
This page describes the integration of Configuration Validation into the Alert Inbox
SAP Knowledge Base Articles describing Target Systems
- SAP KBA 2253549 contains target systems derived from the SAP Security Baseline Template which are ready to use and may used as base for customer target systems.
- SAP KBA 2317318 describes how to validate Java systems for property EnableInvokerServletGlobally using Configuration Validation (CERT Alert TA16-132A)
ABAP Parameter Validation
This page describes the use of Configuration Validation in the context of ABAP parameters. The Configuration and Change database (setup via RCA setup) collects for each technical system and its instances of type ABAP the information about the parameter used by the SAP system.
The runtime of a daily job has sometimes a long runtime. Most of the daily runs are quite fast. Investigating the symptom it was found out that the long runtime is related to one definite instance on which the job is running.
The configuration validation can help to identify parameters which have a value that is different from other instances.
ABAP Software Level Validation
This page describes the use of Configuration Validation in the context of Software level validation. The Configuration and Change database (setup via RCA setup) collects for each technical system of type ABAP the currently implemented software components and their release. A Config Store called ABAP_COMP_SPLEVEL contains the recorded info on implemented software components.
J2EE Software Level Validation
This page describes about the use cases of Configuration Validation in the content of J2EE Software level and deployed objects.
SAP Kernel Validation
This page describes about the use cases of Configuration Validation in the content of ABAP kernel.
The CommonCryptoLib uses a specific version number.
Working with XML config stores in Configuration Validation
This page describes the use of config stores of type xml for Configuration Validation. Two config stores of type xml are going to be used as examples.For host related information config store saposcol is available. It contains basic information about the configuration of the host used by a technical system. For J2EE technical system for each J2EE node a config store SAP_J2EEClusterNode exists. It contains basic information about the node configuration.
ABAP Basis Security Validation
This page describes use cases of Configuration Validation with focus on security items.
ABAP Basis Security Validation using the Management Dashboard
This pages describes the reporting upon ABAP Basis Security content using the Management Dashboard.
ABAP and J2EE notes validation
This page describes the use of Configuration Validation in the context of ABAP Notes. The Configuration and Change database (setup via RCA setup) collects for each technical system of type ABAP the SAP Notes implemented via the transaction SNOTE. A Config Store called ABAP_NOTES contains the recorded information on implemented SAP Notes. The example uses a Solution Manager 7.10 where a development System (SD7 as DEV) and an integration system (SI7 as PROD) are connected to as managed systems.
Reporting the results of System Recommendations using Configuration Validation
This page describes the reporting in Configuration Validation upon missing SAP Notes which were calculated by System Recommendation.
Using System Recommendations to create target systems containing SAP security notes
This page describes how to create and use the stores filled with the security SAP Notes from System Recommendations source for Configuration Validation. The Configuration and Change database (setup via RCA setup) collects for each technical system of type ABAP the SAP Notes implemented for this system via the transaction SNOTE. The config store named ABAP_NOTES contains the applied SAP Notes using SNOTE. In the example used it would be considered how to validate which security SAP Notes are missing in the compared systems.
ABAP Transports Validation
This page describes which out-of-the-box validation reports are available in reporting directory regarding ABAP transports.
Aggregating Check Results
This page shows how to detect vulnerable systems based on two checks in two different config stores but getting one compliant status reported for each system.
Content of CCDB for a Technical System of type ABAP
This page introduces the available config stores for a technical system of type ABAP.
This page describes the new CCDB Administration application:
Transporting Target Systems
This page describes how to transport target systems:
This page describes how to optimize reporting:
Adding User and Role Information for J2EE
This page describes how to add config stores with user and role information for J2EE based on SPML.