Answer Posted / sanketshingote

User Group under Logon data - It is used for Authorization check. Auth. Object S_USER_GRP(ACTVT, CLASS) will be checked. This is helpful to restrict admins to particular group. They cannot access the information from other group.

Groups Tab - This is a general purpose group. This is not used for Authorization check at all. Anything maintained or not maintained here doesn't make any difference. This was helpful when SUIM T-code was used for searching users with Users with complex selection criteria to get details of user assigned to particular group. This not not used much.

Example for User Group under Logon Data Tab:
Assume you have a Basis team and want to just access the users for this team, you will just create a group(ex.: Basis) for all these users and restrict the admin to just have access to the group(ex. Basis) with these users. The admin will then have access to only users under this group and cannot access other users at all.

Which tables will you use for making customizing setting for security administration?

1104

---

What is t code?

1059

---

What are se09 t-codes used for?

1194

---

what is sod in sap security?

1154

---

Can you explain document transfer-level security?

1072

---

what is the difference between usobt_c and usobx_c?

1293

---

How we Provided SAP Security design, configuration, and support for SAP Net Weaver systems running BI/BW 7.0 (Net Weaver 2004s)

2185

---

What is the use of su56?

1084

---

What is the difference between role and a profile?

1217

---

How to codify for an Item in SAP? How many digits are required for an item?

2604

---

What is the difference between authorization object and authorization object class?

1081

---

When would you update a sap table directly?

1022

---

what is user buffer?

1114

---

what things you have to take care before executing run system trace?

1188

---

Is it possible to have more than one st of org-level values in one role? Explain your answer.

1046

---