In "USER MAINTENANCE- SU01" --> in the "logon tab" there are 5 different

"user type"
1. dialog
2. system
3. communication
4. service
5. reference
Kindly mention the function and role of all the above mentioned user types
specifically and how is one user type different from another.

These are as follows:-

1. Dialogue:-
For this kind of users:-
GUI login is possible.
Initial password and expiration of password are checked.
Multi GUI logins are checked.
Usage:- These are used for GUI logins.
2. System
For this kind of users:-
GUI login is not possible.
Initial password and expiration of password are not checked.
Usage:- These are used for internal use in system like background jobs.
3. Communication
For this kind of users:-
GUI login is not possible.
Users are allowed to change password through some software in middle tier.
Usage:- These are used for login to system through external systems like web
application
4. Service
For this kind of users:-
GUI login is possible.
Initial password and expiration of password are not checked.
Multiple logins are allowed.
Users are not allowed to change the password. Only admin can change the password
Usage:- These are used for anonymous users. This type of users should be given
minimum authorization.
5. Reference
For this kind of users:-
GUI login is not possible.
Initial password and expiration of password are not checked.
Usage:- These are special kind of users which are used to give authorization to other
users.
User Types
Type Purpose
Dialog Individual, interactive system access.
System Background processing and communication
within a system (such as RFC users for
ALE, Workflow, TMS, and CUA).
Communication Dialog-free communication for external
RFC calls.
Service Dialog user available to a larger,
anonymous group of users.
Reference General, non-person related users that
allows the assignment of additional
identical authorizations, such as for Internet
users created with transaction SU01. No
logon is possible.

User Types

There are 5 different User type:

1. dialog
2. system
3. communication
4. service
5. reference

Description about the above User types:

1. Dialog:- For Dialog User GUI Login is possible,Initial password and expiration of
password and Multi GUI Logins are checked.
Individual system access (personalized)
It is possible to log on using SAP GUI. The user is therefore capable of interaction
through SAP GUI.
The system checks whether the password has expired or is initial.
The user can change his or her password himself or herself.
Multiple dialog logons are checked and, where appropriate, logged.

Purpose of Dialog User is for individual human users.

2. System:- For a System User GUI Login is not possible, Initial password and expiration
of password are not checked.
System-related and internal system processes.
It is not possible to log on using SAP GUI. The user is therefore incapable of interaction
through SAP GUI.
The password change requirement does not apply to the passwords, that is, they cannot be
initial or expired.
Only a user administrator can change the password.
Multiple logons are permissible.

Purpose of System User is for background processing and communication within a

system (internal RFC calls) and between multiple systems (external RFC calls).

3. Communication:- For a Communication User login is not possible, Users are allowed
to change password through some software in middle tier
Individual system access (personalized)
It is not possible to log on using SAP GUI. The user is therefore incapable of interaction
through SAP GUI.
Although the system checks whether the password has expired or is initial, the
implementation of the requirement to change the password, which exists in principle,
depends on the logon method (interactive or non-interactive).

Purpose of this User is for external RFC calls of individual human users.These are used
for login to system through external systems like web application

4. Service:- For a Service User GUI login is possible.Initial password and expiration of
password are not checked.Multiple logins are allowed.Users are not allowed to change
the password. Only admin can change the password.
Shared system access for a larger, anonymous group of users. Assign only very restricted
authorizations for this user type.

Purpose of this User is for anonymous users. This type of users should be given minimum
authorization.After an individual authentication, an anonymous session begun with a
service user can be continued as a person-related session with a dialog user.

5. Reference:- For a Reference User GUI login is not possible.Initial password and
expiration of password are not checked.
User type for general, non-person related users that allows the assignment of additional
identical authorizations, such as for Internet users created with transactions SU01.

Purpose of this Users are special kind of users which are used to give authorization to
other users.

Client

It is a way to have different groupings of data within one database. Originally multiple
companies ran SAP from one system and database in a time sharing fashion. The 'client'
was the company they were doing business with. They added more companies and they
became more clients in the system.
Note : Whenever we create a new client, the entries will get stores in a table know as
T000.

A client is data separator

SAP Provides 3 default clients 000 001 066
000 is called a template,
other clients are defined by copying client 000

In SCC4 client maintenance screen, there are four options as below.

1. Changes without automatic recording

2. Automatic recording of changes
3. No changes allowed
4. Changes w/o automatic recording, no transports allowed.

1 : whenever you make a change and u don’t want the recording pop-up to come, u can
use this option.. In this case, if u want to transport the objects to which u made the
change, u have to manually include it in the request via SE01.
2: in this case, the SAP system will pop-up a small window to enter the request number...
it automatically records the changes u r making.
3: No changes allowed for any repository objects in the system.
4: This setting give usually found in sand box servers... where the data need not be
transported to anywhere....

Logical System will define a trusted relation between two clients

Client Role :
Production
Test
Customization
Demo
Training and Education
SAPReference

 Changes and Transport for client specific Objects

 Cross Client Object Changes
 Client Copy Tool

CAT
Note : CATT is a tool provided by SAP which is mostly used by functional consultant. If
you select at the time of client creation that CATT Tool is allowed. Then SD, MM
Consultant can utilized the advantage of same.
SCC4 --> Create client no. and fill other details.
Logon to the newly created client with SAP* and PASS as password.

This is a pretty easy procedure. Basically, you add a new logical system in transaction
SALE, create a new client in transaction SCC4 using the logical system you created
previously, create a RFC target destination using transaction SM59 with the same name
of the logical name, create a RFC source using transaction SM59 for the source or “from”
client, log on to the new client, and schedule a client copy from the source client to the
destination or “to” client. That’s all there is do it
When you bring up a new SAP instance, you add a client 100 and schedule a client copy
from client 000 to client 100. This is called a local client copy since the source or “from”
client is contained within the same SAP instance as the target or “to” client. When you
add a new SAP instance to your landscape, like QAS, you might want to copy client 100
in the DEV instance to client 200 in the QAS instance. This would be a remote client
copy.
A client copy is destructive – in other words, all the data in the target client is deleted
during the client copy. So the procedure is not just for creating new clients but refreshing
existing data. The only exception to this rule is the using the SAP_CUST profile to do the
copy – it will leave all the data in the target client intact with the exception of the user
master data which will be deleted and replaced with the source client’s user master data.
You can even mix and match, the data from one client and the user data from another,
and copying them both at the same time in the same client copy run.
A client is created using transaction SCC4 and at the time of creation you must specify
what type of client it will be. Is it to be used to create configuration changes that are to be
transported to QAS and PRD? Is it a reference client, “frozen” so it can be used to refresh
the data contained in test clients? Can both client-dependent and client-independent data
be changed in this client, or only client-dependent data, or no changes allowed at all?
These various types of client have their own labels to the SAP implementation team:
golden client, unit test client, configuration client, ABAP client, production client, etc. If
someone references a client with which you are not familiar, be sure to ask for
clarification so that the wrong client does not end up being the source client for a client
copy

DEVELOPMENT CLIENT: Apart from 3 default clients we will create a new client in
development server. It is purely created for customization purpose which are done by
functional consultant.

Golden Client: In Golden client clean customization is done. It is also used for research
and development purpose. Before transporting it is again tested in golden client before
transporting to production server.
Production Client: In Production server, there will be only once client apart from 3
default client and that client is know as Production client.
In this particular client the company LIVE data will exists and all the employees are
going to logon to PRODUCTION CLIENT.

SCC4: It is used to display or view the existing clients or if we are creating new client.

Client Concepts and Types of Data in SAP System

Data in an SAP system can be divided into two categories:

1. Client-specific data: Client-specific data such as user master and application data,
which affects only one client.
2. Cross-client data: Cross-client data such as cross-client customizing data and all
Repository
objects, which affects the whole system environment.

The ABAP Dictionary is a data dictionary that is part of the ABAP Repository. Each
piece of the ABAP Dictionary information is entered only once and is then available
anywhere in the system at any time. The ABAP Dictionary automatically supplies all new
or changed information, thus providing current runtime objects and ensuring data
consistency and security.

A client is a self contained unit in technical terms, wit its own master data.

The following are examples of client-specific data:

User master data, such as parameters, authorization, user groups

Customizing data, such as organizational units, assignments, and document types

Application data, such as business transaction data, and material master data

The SAP client concept can integrate several companies or subsidiaries in a single client
by using company codes and the SAP authorization concept. Company codes define the
smallest corporate organizational units for which a complete self-contained set of
accounts can be drawn up for external reporting.
The SAP authorization concept enables the parent company to access all subsidiaries for
report purposes, while subsidiary-specific data is protected against access from other
subsidiaries through company code definition.

Protecting clients against user logon

1 You must ensure that no users logon to the system during the copy. For technical
reasons, only the target client is locked. If, e.g. the lock is not reset after a copy is
cancelled, you can reset it by calling the transaction SCC3 in any client.
Users who are in the target client before the start of the copy cannot be locked
automatically, so you must ensure that they leave the system.
The source and target clients should both be additionally protected by a system message
(SM02).
You should not work in the source client either during the copy.