Hierarchy
⤷ BC-SEC-USR-ADM (Application Component) User and Authorization Management
⤷ SUSR (Package) ABAP User Administration
Basic Data
Data Element | XUUSTYP |
Short Description | User Type |
Data Type
Category of Dictionary Type | D | Domain |
Type of Object Referenced | No Information | |
Domain / Name of Reference Type | XUUSTYP | |
Data Type | CHAR | Character String |
Length | 1 | |
Decimal Places | 0 | |
Output Length | 1 | |
Value Table |
Further Characteristics
Search Help: Name | ||
Search Help: Parameters | ||
Parameter ID | ||
Default Component name | ||
Change document | ||
No Input History | ||
Basic direction is set to LTR | ||
No BIDI Filtering |
Field Label
Length | Field Label | |
Short | 10 | Type |
Medium | 15 | User Type |
Long | 20 | User Type |
Heading | 15 | User Type |
Documentation
Dialog 'A'
A normal dialog user is used by one person only for all types of logon.
During a dialog logon, the system checks for expired and initial passwords and provides an option to change the password.
Multiple dialog logons are checked and logged if necessary.
System 'B'
Use the system user type for internal system processes (-> background processing) or system-related processes (-> ALE, workflow, TMS, CUA).
Dialog logon (using SAP GUI) is not possible.
A user of this type is excluded from the general settings for password validity. Only user administrators can change the password using transaction SU01 (Goto -> Change Password).
Multiple logons are permissible.
Communication 'C'
Use users of type Communication for dialog-free communication between systems (-> RFC or CPIC) .
Dialog logon (using SAP GUI) is not possible.
The general settings for the validity period of a password apply to users of this type. Users of this type can change their passwords (like dialog users). The dialogs for changing the password must be provided by the caller (RFC/CPIC client). You can use the RFC function module USR_USER_CHANGE_PASSWORD_RFC or the RFC API function RfcOpenEx() to change the password.
Service 'S'
A user of the type Service is a dialog user that is available to an anonymous, larger group of users. Generally, this type of user should only be assigned very restricted authorizations.
For example, service users are used for anonymous system access using an ITS service or a public Web service. Once an individual has been authenticated, a session that started anonymously using a service user can be continued as a personal session using a dialog user (see SUSR_INTERNET_USERSWITCH)
During logon, the system does not check for expired and initial passwords. Only the user administrator can change the password.
Multiple logon is allowed.
Reference 'L'
Like the service user, a reference user is a general user, not assigned to a particular person. You cannot log on using a reference user. The reference user is only used to assign additional authorization. Reference users are implemented to equip Internet users with identical authorizations.
On the Roles tab, you can specify a reference user for additional rights for dialog users. Generally, the application controls the allocation of reference users. You can allocate the name of the reference user using variables. The variables should begin with "$". You assign variables to reference users in transaction SU_REFUSERVARIABLE.
This assignment applies to all systems in a CUA landscape. If the assigned reference user does not exist in one of the CUA child systems, the assignment is ignored.
Overview
Overview of the properties of users of the different user types:
Property \ User Type Dialog Communication System Service
Dialog logon (SAP GUI) X - - X
Multiple logons - X X X
RFC logon X X X X
Background job execution X - X X
Password change X X - -
Logon ticket can be generated X X - -
History
Last changed by/on | SAP | 20110908 |
SAP Release Created in |