Account type | KOART |
Company code | BUKRS |
Cost element | KSTAR |
Distribution channel | VTWEG |
Division | SPART |
Operating concern | ERKRS |
Plant | WERKS |
Profit center | PRCTR |
Purchasing group | EKGRP |
Purchasing organization | EKORG |
Sales group | VKGRP |
Sales office | VKBUR |
Sales organization | VKORG |
Shipping point | VSTEL |
Warehouse number / warehouse c | LGNUM |
Valuation area | BWKEY |
Business Area | GSBER |
Maintenance Planning Plant | IWERK |
Credit control area | KKBER |
Controlling Area | KOKRS |
Cost Center | KOSTL |
Storage Type | LGTYP |
Personnel Area | PERSA |
Plan Version | PLVAR |
Maintenance Plant | SWERK |
Transportation planning point | TPLST |
MRP Controller | DISPO |
Release Code | FRGCO |
Codition type | KSCHL |
Chart of Accounts | KTOPL |
Release Group | FRGGR |
STORAGE LOCATION (object) | LGORT |
WORK CENTER | ARBPL |
Consolidation Unit | BUNIT |
Bom (authorization group) | BEGRU |
ORDER TYPE | AUART |
Thursday, 24 January 2013
Useful field name when you perform SUIM or display data from AGR_1251
Tuesday, 22 January 2013
Friday, 18 January 2013
ST01 trace file delete
- To delete ST01 trace file, it can only be done in OS level.
- Delete the trace file and it will be created again the next time you activate trace.
Thursday, 17 January 2013
Create role with display mode only ACTVT 03
- Tcode PFCG
- Enter the role name
- Role > Download
- Now open the *.SAP file which you have downloaded and edit with notepad.
- Search for ACTVT then change all the value *, 01, 02 and etc to only 03
- Save and upload the file back using PFCG
Sunday, 6 January 2013
Change SAP* password and default password
http://wiki.sdn.sap.com/wiki/display/ABAP/Changing+the+default+password+for+sap+use
Changing the default password for sap use
Changing the default password for sap use
You are trying to change the password for sap* user, however when you go into su01 and enter sap* as the user name, the following message is displayed, user sap* does not exist.
You can delete the SAP* user using ABAP code :-
Delete from usr02 where bname = 'SAP' and mandt = '**';
Delete from usr02 where bname = 'SAP' and mandt = '**';
Where '*' means your client no.
Then login to your client using password SAP* and password PASS
However, if you delete it, then it will automatically created once again with password PASS
The userid, SAP*, is delivered with SAP and is available in clients 000 and 001 after the initial installation. In these 2 clients, the default password is 07061992 (which is, by the way, the initial date when R/3 came into being...). It is given the SAP_ALL user profile and is assigned to the Super user group.
When I say it is "delivered" with SAP, I mean that the userid resides in the SAP database; there are actually rows in the user tables used to define userids.
If you delete the userid, SAP*, from the database, SAP has this userid defined in its kernel (the SAP executable code that sits at the operating system level, i.e., disp+work). When this situation exists, the password defined in the SAP code for SAP* is PASS.
This is necessary when you are performing client copies for example, as the user information is copied at the end of the process.
You can sign into the client you are creating while a client copy is processing using SAP* with password PASS (but you should have a good reason to do this - don't change anything while it's running).
Anyway, if the SAP* userid is missing, you can sign in to the client you want and simply define it using transaction SU01 and, as I stated above, assign it to the SUPER user group and give it the SAP_ALL profile. You define its initial password at this point. If you've forgotten its password and don't have a userid with sufficient authorization to create/change/delete userid,
then you can use the SQL statements to delete it from the database and then you can use SAP* with PASS to sign back into the client you want to define it in and recreate it.
then you can use the SQL statements to delete it from the database and then you can use SAP* with PASS to sign back into the client you want to define it in and recreate it.
There is also a profile parameter which can override the use of SAP* with PASS to close this security hole in SAP (login/no_automatic_user_sapstar). When this parameter is defined either in your DEFAULT.PFL profile or the instance-specific profile and is set to a value of '1', then the automatic use of SAP* is deactivated. The only way to reactivate the kernel-defined SAP* userid at this point would be to stop SAP, change this parameter to a value of 0 (zero), and then
restart SAP.
restart SAP.
The default password for SAP is 06071992. (DDIC has 19920706*)
Thursday, 3 January 2013
User type (Dialog, system, communications, service, reference )
http://help.sap.com/saphelp_nw70ehp1/helpdata/en/52/67119e439b11d1896f0000e8322d00/content.htm
User Type
You can specify the following user types:
● Dialog (A)
○ Individual system access (personalized)
○ It is possible to log on using SAP GUI. The user is therefore capable of interaction through SAP GUI.
○ The system checks whether the password has expired or is initial.
○ The user can change his or her password himself or herself.
○ Multiple dialog logons are checked and, where appropriate, logged.
○ Purpose: for individual human users (including Internet users)
● System (B)
○ System-related and internal system processes.
○ It is not possible to log on using SAP GUI. The user is therefore incapable of interaction through SAP GUI.
○ The password change requirement does not apply to the passwords, that is, they cannot be initial or expired.
○ Only a user administrator can change the password.
○ Multiple logons are permissible.
○ Purpose: background processing and communication within a system (internal RFC calls) and between multiple systems (external RFC calls). Purpose: for example, RFC users for ALE, workflow, TMS, CUA.
● Communications (C)
○ Individual system access (personalized)
○ It is not possible to log on using SAP GUI. The user is therefore incapable of interaction through SAP GUI.
○ Although the system checks whether the password has expired or is initial, the implementation of the requirement to change the password, which exists in principle, depends on the logon method (interactive or non-interactive).
○ The user can change his or her password himself or herself.
○ Purpose: external RFC calls of individual human users.
● Service (S)
○ Shared system access for a larger, anonymous group of users. Assign only very restricted authorizations for this user type.
○ It is possible to log on using SAP GUI. The user is therefore capable of interaction through SAP GUI.
○ During a log on, the system does not check whether the password has expired or is initial.
○ Only a user administrator can change the password.
○ Multiple logons are permissible.
○ Purpose: Anonymous system access (such as for public Web services). After an individual authentication, an anonymous session begun with a service user can be continued as a person-related session with a dialog user.
● Reference (L)
○ It is not possible to log on to the system.
○ User type for general, non-person related users that allows the assignment of additional identical authorizations, such as for Internet users created with transactions SU01.
To assign a reference user to a dialog user, specify it when maintaining the dialog user on the Roles tab page. In general, the application controls the assignment of reference users. This assignment is valid for all systems in a Central User Administration (CUA) landscape. If the assigned reference user does not exist in a CUA child system, the assignment is ignored.
You should be very cautious when creating reference users.
■ If you do not implement the reference user concept, you can deactivate this field in accordance with SAP Note 330067.
■ We also recommend that you set the value for the Customizing switch REF_USER_CHECK in table PRGN_CUST to "E". This means that only users of type REFERENCE can then be assigned. Changing the Customizing switch affects only new assignments of reference users. Existing assignments are retained.
■ We further recommend that you place all reference users in one particularly secure user group to protect them from changes to assigned authorizations and deletion.
Subscribe to:
Posts (Atom)