SAP Security Interview Questions Part-3

1. How do I restrict SAP HR Security won't allow users to update their own SAP HR data?

ANS:

Use the security object P_PERNR. the first field in this object is for authorization level, R, E, W, S, second field is for infotype, the PSIGN field means this...E = everyone else but self, I = self

2. How I can get all user info in PRD with Tcodes assignment?

ANS:

1. Copy the data extract of agr_users to excel.

2. Then in table agr_1251 give the entire list of roles as in step 1 along with S_tcode object...copy the results to excel...

3. You can combine both the data using lookup to obtain the desired combinations

3. Please let me know how we can delete roles from the list of users at once. Different set of roles are assigned to users 

ANS:

1) Open each role in transaction PFCG and remove the users from the Users tab.
2) Remove the roles from multiple users in transaction SU10.
3) Remove the roles individually from each user using transaction SU01.
4) Create a CATT script and run it using transaction SCAT. 

4. Maximum No. Of SAP Session per User

ANS:

rdisp/max_alt_modes 

You can use this parameter to restrict the max no of external sessions a user is allowed to open in one logon. This is Dynamic parameter so u can change in RZ11

5. See from which network IP address and host name a user has logged on

ANS:  Call transaction OS01,

Click "Presentation Server" button, "Change View" button. 

If you are using Citrix, you will not be able to view the user individual IP address as it will be the same Citrix IP address.

To check the speed and quality of the user's network connection,

Select the desired presentation server and click "10 X Ping" button.