Maintaining Logon Data 

In the Logon data tab you must enter an initial password for the new user in the Initial password field. All other entries on this screen are optional.

Further information is available by choosing F1 .

You can maintain the following fields:

Initial password

You are required to enter the password twice to eliminate the possibility of typing errors.


    • are not case-sensitive (the R/3 System does not differentiate between upper- and lowercase letters)
    • must be at least three characters long. have a maximum length of eight characters
    • may contain any characters which can be input from the keyboard. This includes digits, spaces and punctuation marks
    • cannot begin with a question mark or exclamation mark
    • may not contain spaces within the minimum length. This is normally the first three characters
    • may not begin with three identical characters
    • may not be PASS or SAP*
    • may not be used if its use has been forbidden
    • may not start with a sequence of three characters which appears in the user name

When the user logs on for the first time, he or she must enter a new password. When a user changes his or her password, the new password must be different to each of that user’s last five passwords.

See Logon and password protection in the SAP System.

User group

Enter the name of the user group to which this user is to belong.

If you want to distribute the user maintenance tasks amongst several user administrators, you must assign the user to a group. Only the administrator with authorization for that group may then change the master record.

A user master record which is not assigned to a group can be changed by any user administrator.

user type

The system proposes Dialog for normal dialog users. The following user types exist:

Dialog user: individual, interactional system access

  • obsolete/initial password check
  • passwords can be changed
  • repeat dialog logon check

use: individual (internet) user

Service user: anonymous, interactional user, repeated system access

  • no obsolete/initial password check
  • only the user administrator can change passwords
  • multiple logon allowed

use: anonymous system access (e.g. ITS scenarios: product catalog display)

System user: system-dependent and system-internal procedures, not interaction-capable

  • no obsolete/initial password check
  • only the user administrator can change passwords
  • multiple logon allowed

use: background processing, ALE, Workflow, TMS, etc.

Reference user: authorization enhancement

  • logon not possible
  • authorization enhancement tool

use: internet users with identical authorizations

You can specify a reference user for additional authorizations for each user in the Roles tab.

The application controls the assignment of reference users. The reference user name can be assigned in variables. Variables begin with "$". Variables are assigned to reference users in the transaction SU_REFUSERVARIABLE.

Valid from...Valid to...

These optional fields allow you to specify a start and end date for the user master record. Leave them blank if you do not want to set a limit.

Account Number

For each user or user group, assign an account name or number of your choice. The user appears in the RZ accounting system (ACCOUNTING EXIT) under this number.

A recommended account number would be the user’s cost center or company code, for example.

You should always enter an account name or number in the SAP accounting system. The user will otherwise be assigned to a general category without account number.