Interview Questions – Part 3

SAP Security Interview Questions

Q What is the difference between USOBX_C and USOBT_C?

USOBX_C and USOBT_C are tables which are used for SU24 transaction code.

The table USOBX_C defines the status of authorization checks for authorization objects, i.e. whether the “check indicator” is set to yes or no. It also defines the proposal status, i.e. whether the authorization check values are being maintained in SU24 or not.

The table USOBT_C defines the “values” which are maintained for check-maintained authorization objects.

Q. What does the different color light denote in profile generator?

There are three colors (like traffic lights) in profile generator:

Red – It means that some organizational value has not been maintained in org field in profile generator.
Yellow – It means that there are some or all fields in certain authorization instances which are blank (not maintained)
Green – It means that all the authorization fields are maintained (values are assigned).


Q. How can we convert Authorization Field to Org Field?

The report PFCG_ORGFIELD_CREATE is used for converting an Authorization Field to Org Level Field. It can be executed using SA38/SE38 tcode.

There is a bit of caution involved here. Make sure that whatever change related to this conversion is made is done in the initial stage of security role design/system setup. In case this task is performed at a later stage, there is a risk that this will impact lots of existing roles. All those roles would require analysis and authorization data will have to be adjusted.

NOTE : Authorization fields TCD (Tcode) and ACTVT (Activity) cannot be converted to org level fields.


Q. How do we find all activities in SAP?

All Activities in SAP are stored in table TACT. All valid activities are stored in table TACTZ. The tables can be accessed via SE16 tcode.


Interview Questions Contd..