SAP SECURITY Interviews Series – Part 7

Do checkout this commonly asked SAP Security Interviews Q/A Series and prepare for your interviews easily. This is Part 7 of 10 Part Series.

SAP SECURITY Interviews Series

1. How many types of users are there for background jobs?

Ans: There are multiple type of background users associated.

Here they are:

A. Dialog User: When the system access is interactive in nature, then this type of user is used. These users can easily login to SAP GUI and initialize manual transactions. They run background jobs manually, for any specific requirements.
B. System User : They are the ideal one as background users. They are mainly used for internal system processing, internal system communications and multiple background processing.
C. Communication User : They run the background jobs which mainly require to use external RFC communications between the systems. Automatic data exchange and processing facility is being available to them.
D. Service User : When large number of unknown anonymous users are accessing the systems, then these users are being used.
E. Reference User : They are used when additional authorizations are being assigned t other users through various roles. They are not directly used to execute any background job but provide additional permission to other users who can execute background jobs such as system or dialog user.

2. What tcodes will you use to check the table logs and what is the concept behind a table log in sap security?

Ans: Here are the important tcodes to check table logs:

SM30 – To maintain table entries SCU3 To view change documents for table logs.
SM18 – To configure system logs
SM19 – To configure system logs
SM20 – To audit 7 review activities related to security logs

Concept behind table logs: It helps in tracking changes made to table entries It is essential for auditing and compliance purpose It helps in monitoring sensitive data It helps in enhancing the security and integrity of the SAP System.

3. Is it possible to add a composite role to another composite role?

Ans: No it is not possible to add a composite role in other composite role

4. How will you troubleshoot when a background user face a problem?

Ans: When a background user faces a proble, we will troubleshoot it as:

Identifying the problem via SM37 and MS21 Tcode. Both of the tcodes can be useful to check the error messages in the job log or background job details.
Then, we will check the authorizations of the users. Using SU53 we will check if any authroization is missing or not. SU01 can be used to check missing profiles and roles.
Along with that, we can also analyze the job logs and spool requests. SM21 and ST22 can be used to check the system logs and the dump analysis for the error.
Make sure to ensure that user is being correctly setup as a system user and not as a dialog user.
After that we can verify the validity dates also. Now we can do the debugging and testing using ST01 or ABAP Code and at the end , after checking system configuration we can reproduce the issue.
Once reproduce we can easily fix and test.

5. What is the use of run system trace function?

Ans: Run System Trace is a tool use to troubleshoot various system activities.

ST01 is the tcode which can be used to run system trace. It can be used to troubleshoot authorization issues including fine tune authroizations. SQL Traces and RFC Traces can also be checked using this tool. ABAP program debugging can also be done using run system trace tool.

Hope you like SAP Security Interviews Series PART – 7

SAP SECURITY Interview Check out other parts: