on 12-23-2008 11:21 AM
Hi All,
Sometimes I get very confused with sap* & ddic user.When I should use sap* only & not ddic & viceversa??What tasks can we perform with sap* but not with ddic??
Hi All,
Can I create and use ddic user in my new clients, or should I use it just in clients 000 and 001?
Thanks in advance..
MERAL
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks to All..
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello
Forgot to mention that Also check the value for the parameter login/no_automatic_user_sapstar in the instance profile.This has a default value 1 but should be set to 0 for such a scenario.
I don't think SAP* would be visible in SU01 since it has the default settings.Once you make customizations , only then you will get it in the SU01 screen.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI
SAP* has 2 functionalities over the DDIC user..
1. Whenever performing the client copy first time,the user SAP* is used.
2. If in case due to some accident, you lose all the login accounts for the system,you can login by SAPafter deleting the user from the USR02 table through the OS level. The database would be needed to restart to get the new setting into effect. Doing this,would set the SAP user with the default password PASS.
Regards
Chen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The SAP system has a default superuser, SAP, in the clients 000 and 001. A user master record is defined for SAP when the system is installed. However, SAP* is programmed in the system and does not require a user master record.
If you delete the SAP* user master record and log on again as SAP* with initial password PASS, then SAP* has the following attributes:
· The user is not subject to authorization checks and therefore has all authorizations.
· The user has the password "PASS", which cannot be changed.
If you want to deactivate the special properties of SAP, set the system profile parameter login/no_automatic_user_sapstar to a value greater than zero. If the parameter is set, then SAP has no special default properties. If there is no SAP* user master record, then SAP* cannot be used to log on.
You should set the parameter in the global system profile, DEFAULT.PFL, so that it is effective in all instances of an SAP system. You should ensure that there is a user master record for SAP* even if you set the parameter. Otherwise, resetting the parameter to the value 0 would once again allow you to log on with SAP*, the password u201DPASSu201D and unrestricted system authorizations.
If a user master record exists for SAP*, it behaves like a normal user. It is subject to authorization checks and its password can be changed.
-- Kishore
You should not use either of them... first thing you need to do is create a new user for yourself and then proceed.
You should only use SAP* as first logon then usually most companies lock the user as a security measure.
Regards
Juan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Read,
http://help.sap.com/saphelp_nw70/helpdata/en/52/671785439b11d1896f0000e8322d00/content.htm
That should answer your question.
regards
Juan
Thanks Juan..It has helped me a lot..The last question regarding sap.I can login to my dev client 520 or 530 with sap & password pass.But when I am going to su01 & type sap* in client 520 or 530 it is saying sap* does not exist.How this is so??If I can login with sap* to the clients then why it is saying it does not exist??
User | Count |
---|---|
85 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.