Extensive inforamtion for special user SAP*:
SAP* is a "hard-coded" user that does not have a user master record in the delivery system, is not subject to any authorization checks (and therefore has all authorizations), and has an unchangable password.
SAP* is not treated like a "normal" user until a user master record is created for it. As long as the user master record exists, SAP* is subject to authorization checks and can be assigned a different password.
Because SAP* is a known user with a known password, you should create a user master record for SAP* before your system goes live, and replace that user by another, secret "super user".
SAP* should not have any authorizations (empty profile list)
SAP* should be assigned a new password
SAP* should be assigned to user group SUPER.
then deactivation of the "automatic SAP*", is executed
The group assignment prevents the SAP* user master record from being deleted so easily, provided the other SAP recommendations regarding user maintenance and authorization maintenance and the pre-defined S_USER* profiles are used for user and authorization maintenance.
As an additional security measure you can lock user SAP* by the administrator.
Note that user SAP*, just like any other R/3 user, is client dependent.
This means that you have to perform the specified security measures in every client.
- SAP BASIS Full Form & Meaning
- SAP BASIS Scope and Opportunity
- SAP BASIS Certification Cost in India
- SAP BASIS Interview Questions
- SAP Security Interview Questions
- What Is SAP GUI
- What Is SAP Router
- SAP SPRO Full Form
- SAP STMP Mail Configuration
- SAP Landscape Transformation
- SAP Software & Hardware Requirement
- SAP License Key Generator
- SAP Netweaver
- SAP Basis Client Adminstration
- SAP Create Authorization Group
- SAP PCFG Roles and Authorizations
- SAP User Activity Log Table
- SAP Work Process
- SAP Schedule Background Job
- SAP Delete Background job
- SAP BASIS TMS Configuration
- SAP BASIS Transport Route Configuration
- SAP Basis Patch Manager
- Reset & Delete SAP SPAM Queue
- Check Sap Kernel Version
- SAP System Monitoring T-Code
- SAP Basis Types of RFC Connections
- SM59 Tcode in SAP RFC
- SAP User Types
- Reset SAP Password