Usage of users:
User SAP* for initial access to the R/3 System
User DDIC for the transport and correction system
To protect SAP* and DDIC from unauthorized access, you must change the initial passwords for these users in all clients of your R/3 System. We recommend that you add the user group SUPER to the user master records. This user group can only be accessed by the superuser. Please review the note 2383.
User DDIC is a user with special privileges in installation, Software logistics , The ABAP dictionary and Run/schedule system jobs. Hence, I would not recommend to remove the functional and operational rights in DDIC user. The best way to secure DDIC is to implement policy on its usage and limit access to the password for this user.
Always have at least two administrative user IDs for each client,
so you do not lock yourself out of the client. SAP* and DDIC should only be used for tasks that require those user IDs be used. A better solution is to create an administrative user ID, which is a copy of the user SAP*.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.