This
article answers the following queries:
- What are the different user types in SAP?
- Which user type(s) is /are used for dialog free communication in SAP?
- Validity period of a password is not applicable to which user type(s) in SAP?
- What are the specific uses of system user type in SAP?
- Which user type(s) cannot be used for direct logon to the SAP system?
- Which user type in SAP does not have a check on validity of password expiry or initial password?
- Which user type in SAP can be used to assign additional identical authorizations to other users?
- What are the different user types in SAP?
These
are the 5 user types that are present in SAP
- Dialog
- Communication
- System
- Service
- Reference
Dialog: This is the most commonly used type. This user type is primarily for individuals to gain interactive system access. A user of this type can perform dialog processing in interactive mode, background processing, batch input processing and CPI-C services provided there are no explicit restrictions via assignment of specific authorizations.
SAP
licensing can prohibit multiple concurrent use of the same user id in
production SAP systems.
Communication:
This user type is used for dialog-free communication
between systems such as RFC (Remote Function call) communication.
This user is not allowed to logon to the R/3 system or start dialog
processing
System: This is the user type which can be used for dialog-free communication within a system (such as for RFC users for ALE, TMS, workflow and CUA) and for background processing.
A
specific use of the system user type is validity period of a password
won’t apply for this type. So, this can be used to run background
jobs and in between RFCs so that jobs or RFC communications won’t
fail due to expiry of the password.
Please
note that logon in dialog is not possible used System user type.
Service:
This user type is a dialog user which is available to a
large, anonymous group of users. For example, to access via ITS
(Internet Transaction Server)
There
won’t be any check on initial password or expired passwords for
this user type. Also, multiple logons are explicitly permitted for
this user type.
However
this user type should be assigned with great caution and with limited
authorizations for security reasons.
Reference:
This user type is in general, non-person related user. This
user type cannot be used for logon. Instead this user type will serve
as a reference for assigning additional identical authorizations to
other users.
For
example: In case you have to assign some identical authorizations to
all internet users, you can create a reference user with those
authorizations and use this reference user to assign identical
authorizations to all other users.