Technical Tips to Consider Before Using SAP's OpenSQL Tool for SAP Access Control 5.3

  • by John Stephens, Senior SAP Security Consultant, Hermosa Beach Consulting Group
  • February 26, 2013
Before you start to use SAP's OpenSQL Tool for SAP Access Control 5.3, review this list of technical tips.

I recommend that you not use this tool until you have implemented at minimum SAP Access Control 5.3, Support Package 11. According to SAP Note 1168508 (Compliant User Provisioning 5.3 Support Package (VIRAE), Support Package 11 fixes the Open SQL COUNT clause, and Support Package 12 fixes the WHERE clause (see the list of SAP Notes at the end of this article).

Generally, only SAP Access Control administrators would access this application. Extensive knowledge of how the system is configured, as well as transactional functional knowledge of the data, is required to understand the information the OpenSQL statements retrieve. Additionally, SAP Access Control administrator security rights are required to access the tool.

Once you are already logged on to SAP Access Control, enter the following URL into the browser:


John Stephens

John M. Stephens is a senior SAP security and GRC consultant with Hermosa Beach Consulting Group. He has 15 years of SAP authorizations experience and has specialized in security implementations and upgrades of SAP GRC, SAP NetWeaver BW, SAP BusinessObjects, and SAP NetWeaver Portal over the last five years. Before joining Hermosa Beach Consulting Group, he managed teams to coordinate and performed SAP security implementations and administration activities within small, midsize, and large multinational SAP environments and operated as an independent consultant, performing SAP system audits, security implementations, and redesigns across many SAP applications.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.