Security & configuration validation check for client 001 and 066 existence…

Security & configuration validation can be used to check for the existence of clients 001 and 066.

The 066 early watch client and old delivery clients 001 are only security risks (unless in rare cases 001 has been chosen as execution client). Best to delete them from security point of view (see reference blog).

Setting up security and configuration validation rule to check for existence of clients 001 and 066

Go to the security and configuration validation policy tile:

Create a new policy with the following syntax:

<?xml version="1.0" encoding="utf-8"?>
<targetsystem xmlns:xsi="" desc="Test CLIENTS Store" id="TEST_CLIENTS" multisql="Yes" version="0000" xsi:schemaLocation="csa_policy.xsd">
  <configstore name="CLIENTS">
    <checkitem desc="CLIENTS_CHECK" id="">
      <compliant>MANDT = '000' or MANDT = '010' or MANDT = '100'        </compliant>
      <noncompliant> MANDT = '001' or MANDT = '066' </noncompliant>

In the compliant section add more clients that are valid and/or change the numbers to your own situation.

Basically the rule says: 000 and main client(s) listed are compliant. 001 and 066 are not compliant.

Running the check

Run the check will give you all existing 001 and 066 clients as incompliant items: