Powered By Blogger

Tuesday, 19 July 2011

SAP Security Interview Questions Part-1

1.     . What is the difference b/w change authorization mode and expert mode of Change authorization ?

ANS:
Change authorization: This option we will use when we create new role and modify old role
Expert mode: i. Delete and recreate authorizations and profile
(All authorizations are recreated. Values which had previously been maintained, changed or entered manually are lost. Only the maintained values for organizational levels remain.)
                           ii. Edit old status
(The last saved authorization data for the role is displayed. This is not useful, if transactions in the role menu have been changed.)
                           iii. Read old data and merge with new data
(If any changes happen in SU24 Authorizations we have to use this)
 
2.     When we do the user comparison in pfcg what is the difference in complete comparison and expert mode comparison.
ANS:
(Then main purpose of user comparison is when we assign role to the        user it will apply only after user comparison only. If we don’t do user comparison user cont access the assigned role?)

There are three ways to do user comparison
1. PFCG –User tab
2. PFUD T-code
3. PFCG_time_dependency in background mode
Also we can set automatic user comparison by            . ...........4.PFCG>utilities>settings> automatic user comparison


 Select the option ‘Automatic User Compare…’


3.      What are the critical authorization objects in security point of view?

ANS:
i.                    S_USER_OBJ-        Globally deactivate auth.Objects
ii.                 S_TABU_DIS-        Table maintains (field-DICBERCLS)
iii.               S_TABU_CLI          Cross-client Table.M(Field-CLIDMAINDT)
iv.               S_USER_GRP         User Group maintains
v.                 S_USER_AUT         Auth Maintenance
vi.               S_USER_PRO         Auth profile maintains
vii.            S_USER_TCD         Transactions in roles
viii.          S_DEVELOP           ABAP/4 Development Workbench objects
ix.                  S_PROGRAM        Authorization to execute ABAP programs
x.                    S_TRANSPRT       Define transport requests
xi.               S_SPO_AUTH         Auth to perform actions on spool requests protected

4.     When we do the transportation of composite role what will happen.
ANS:
 While doing Transport of composite role associate (single role) roles also transport
5.     How to get the E-Mail address for 100 users at a time.
Ans:
USR21 with ADR6 
Posted by at
Labels:
Location: Bengaluru, Karnataka, India

2 comments:

Subscribe to: Post Comments (Atom)