In the transaction, select SU10 by login data of users
Add External Services from SAP CRM to the User Menu
DDIC: DDIC is the only user able to log in or make changes to the ABAP Dictionary during installations and release changes. It is also used in the client 000, e.g. for certain jobs or Unicode conversions. DDIC exists in all clients except 066. Safeguard measures: In all systems (except for client 000 due to upgrade features), set DDIC to the System user type. If necessary, you can switch it back to a dialogue user using the Emergency User. Change the password, assign the user to the SUPER user group, and log it with the Security Audit Log.
You should archive all document types at the same time intervals; This is especially true for the US_USER and US_PASS archive objects. It is customary to keep the supporting documents between 12 and 18 months, as this corresponds to the retention periods for the revision. For performance reasons, if you want to archive in shorter intervals, you should always archive all archive objects at the same time and store the PFCG and IDENTITY archive object classes in separate archives. In this case, it may be useful to download the archived revision documents back to a shadow database to make them available for faster review. You can use the following reports: RSUSR_LOAD_FROM_ARCH_PROF_AUTH / RSUSR_LOAD_FROM_ARCHIVE. You can also archive the table change logs with the BC_DBLOGS archive object.
Create permissions for customising
System Privileges (Database System) permissions: System Privileges are SQL permissions that control administrative actions throughout the database. Such actions include creating a (database) schema (CREATE SCHEMA), creating and modifying roles (ROLE ADMIN), creating and deleting a user (USER ADMIN), or running a database backup (BACKUP ADMIN).
Secure your go-live additionally with "Shortcut for SAP systems". You can assign necessary SAP authorizations quickly and easily directly in the system.
At "www.sap-corner.de" you will also find a lot of useful information on the subject of SAP authorizations.
We present the configuration steps required for encryption and provide examples of how to encrypt the sending of initial passwords.