You are on page 1of 2

SAP User Types

This article answers the following queries:


What are the different user types in SAP?
Which user type(s) is /are used for dialog free communication in SAP?
Validity period of a password is not applicable to which user type(s) in SAP?
What are the specific uses of system user type in SAP?
Which user type(s) cannot be used for direct logon to the SAP system?
Which user type in SAP does not have a check on validity of password expiry
or initial password?

Which user type in SAP can be used to assign additional identical


authorizations to other users?

--------------------------------------------------------------------

These are the 5 user types that are present in SAP

Dialog
Communication
System
Service
Reference

Dialog: This is the most commonly used type. This user type is primarily
for individuals to gain interactive system access. A user of this type can
perform dialog processing in interactive mode, background processing, batch
input processing and CPI-C services provided there are no explicit
restrictions via assignment of specific authorizations.
SAP licensing can prohibit multiple concurrent use of the same user id in
production SAP systems.

Communication: This user type is used for dialog-free communication


between systems such as RFC (Remote Function call) communication. This
user is not allowed to logon to the R/3 system or start dialog processing

System: This is the user type which can be used for dialog-free
communication within a system (such as for RFC users for ALE, TMS,
workflow and CUA) and for background processing.
A specific use of the system user type is validity period of a password wont
apply for this type. So, this can be used to run background jobs and in
between RFCs so that jobs or RFC communications wont fail due to expiry of
the password.
Please note that logon in dialog is not possible used System user type.

Service: This user type is a dialog user which is available to a large,


anonymous group of users. For example, to access via ITS (Internet
Transaction Server)
There wont be any check on initial password or expired passwords for this
user type. Also, multiple logons are explicitly permitted for this user type.
However this user type should be assigned with great caution and with
limited authorizations for security reasons.

Reference: This user type is in general, non-person related user. This user
type cannot be used for logon. Instead this user type will serve as a
reference for assigning additional identical authorizations to other users.
For example: In case you have to assign some identical authorizations to all
internet users, you can create a reference user with those authorizations and
use this reference user to assign identical authorizations to all other users.