Question { HP, 28128 }

Difference between User Group in "Logon data" and "Groups"
tab in SU01

Answer

User Group under Logon data - It is used for Authorization check. Auth. Object S_USER_GRP(ACTVT, CLASS) will be checked. This is helpful to restrict admins to particular group. They cannot access the information from other group.

Groups Tab - This is a general purpose group. This is not used for Authorization check at all. Anything maintained or not maintained here doesn't make any difference. This was helpful when SUIM T-code was used for searching users with Users with complex selection criteria to get details of user assigned to particular group. This not not used much.

Example for User Group under Logon Data Tab:
Assume you have a Basis team and want to just access the users for this team, you will just create a group(ex.: Basis) for all these users and restrict the admin to just have access to the group(ex. Basis) with these users. The admin will then have access to only users under this group and cannot access other users at all.