Difference between User Group in "Logon data" and "Groups"
tab in SU01
Answer Posted / sanketshingote
User Group under Logon data - It is used for Authorization check. Auth. Object S_USER_GRP(ACTVT, CLASS) will be checked. This is helpful to restrict admins to particular group. They cannot access the information from other group.
Groups Tab - This is a general purpose group. This is not used for Authorization check at all. Anything maintained or not maintained here doesn't make any difference. This was helpful when SUIM T-code was used for searching users with Users with complex selection criteria to get details of user assigned to particular group. This not not used much.
Example for User Group under Logon Data Tab:
Assume you have a Basis team and want to just access the users for this team, you will just create a group(ex.: Basis) for all these users and restrict the admin to just have access to the group(ex. Basis) with these users. The admin will then have access to only users under this group and cannot access other users at all.
Is This Answer Correct ? | 1 Yes | 0 No |
Post New Answer View All Answers
As a SAP security consultant what is the most challenged you faced in previous company?
Why is it important to delete sap-new profile? What steps will you take to do this?
How to update risk id in rule set?
What appears as the last sentence in sap note 587410? What does it men and how would you restrict it?
what is user buffer?
Differentiate between derived role and composite role
what are the pre-requisites that should be taken before assigning sap_all to a user even there is an approval from authorization controllers?
Attributes in SE01?
1) Explain different type of Users? Explain specifically Service User? 2) Difference between System and Communication User?Explain in Context of Profile Parameter? 3) There are 5 systems say BI, SOLMAN, CRM, PI, SRM etc etc. Which system will act as a satellite system in CUA and Why? HOw CUa system works? 4) State different types of Transactions & Tables in Strutural Authorization Profile in HR Security? 5) What is L0 , L1 , L2 , L3 , L4 code called in HR Security? 6) What fields are required to create Strutural Authorization Profile in HR Security? State significance of Evaluation Path? 7) What is Structural Authorization Profile in HR Security? When required Role has already been assigned to User then why Structural Authorization Profile is required by user? 8) How are structural Authorization Profile are created? 9) Important Authorization Object in HR Security? 10) Fields in P_ORGIN A.O? 11) Important infotypes and What is PA? 12) How access is provided for tables to user? Significance of Authorization Group in TDDAT table? 13) Difference between SU22 and SU24? 14) Explain Authorization Structure? 15) Which table stores the Authorization Object of a User? 16) What we do to keep Roles consistent in DEV QAS and PRD? 17) A User has create and display access? Will he have access to change as well? 18) How User can have access to view salary slip of other employees(HR Security)?Explain in detail. 19) In HR security does we add Employee ID anywhere in Roles? 20) Any issue you have faced while Transport? 21) Have you faced any issue in Upgrade? Expalain how to compare Roles from older version of SAP to new version of SAP? 22) Any typical issue you have resolved in HR Security?
explain the personalization tab within a role?
How do you check background jobs?
what is analysis authorization in sap bi and how to create analysis authorization in sap bi?
What are the uses of an authorization group?
what is the critical issue u are faced in your previous experience
How to do Role Design, Testing and Implementation