SAP Authorization Questions and Answers

Test Yourself with these Multiple Choice Questions

1) Authorization Objects
( this question has more than 1 answer )

a) Stored in User Master
b) Defines fields for a complex authority check
c) Grouped together in profiles
d) Covers up to 10 fields
e) Consists of up to 10 authorization objects

2) Authorization Checking
( this question has more than 1 answer )

a) Performed with SELECT statement 
b) Performed with AUTHORITY-CHECK
c) Determines if user has authority in master record
d) Always refers to authorization profile
e) System admin defines which authorization checks are executed

3) Authorization
( this question has more than 1 answer )

a) Contains value for field of an authorization object
b) Defines fields for a complex authorization object
c) Can be grouped together in profiles
d) Always refer to a particular authorization
e) Authorizations and profiles are stored in user master record

4) Using SM35 in which case does the system check authorization:
( this question has more than 1 answer )

a) Always
b) Process / foreground 
c) Display errors only
d) Process / background
e) System decides based on profile

5) Which authorization object needed if user wishes to execute and change an ABAP/4 Query?

c) Q_ALL

Short Questions

6) What is the difference between Role and Profile?

7) Explain the concept of "Status Text for Authorizations" - Standard, Changed, Maintained and Manual.


1) b, c, d

2) b, d

3) a, c

4) a, b, c, d

5) b

6) In SAP, a Role is like a container which contains authorization objects, transaction codes etc.  A profile contains authorizations.  when a role is generated using PFCG, a profile is generated which contains authorizations (instances of authorization objects).

7) The concept of "Status Text for Authorizations".

Standard - It means that all values in authorization field of an authorization instance is unchanged from the SAP default value.  (i.e. the values which are getting pulled from SU24).

Maintained - It means that at least one of the field values in an authorization instance was blank when it was pulled from SU24 (i.e. SAP default value) and that blank field has been updated with some value.  Other fields already having some value have not been touched.

Changed - It means that the proposed value in at least one of the fields in an authorization instance has been changed.

Manual - It means that at least one authorization field has been manually added, i.e. it was not proposed by profile generator.


See Also
Retrieving Infotype Auth For Particular User

Get help for your Basis problems
Do you have a SAP Basis Question?

SAP Basis Admin Books
SAP System Administration, Security, Authorization, ALE, Performance Tuning Reference Books

SAP Basis Tips
SAP BC Tips and Basis Components Discussion Forum

Administration In SAP - Sapgui, Unix, SAP ITS, Router, Client Copy and IDES 

Main Index
SAP ERP Modules, Basis, ABAP and Other IMG Stuff

All the site contents are Copyright © and the content authors. All rights reserved.
All product names are trademarks of their respective companies.  The site is in no way affiliated with SAP AG. 
Every effort is made to ensure the content integrity.  Information used on this site is at your own risk. 
 The content on this site may not be reproduced or redistributed without the express written permission of or the content authors.