SAP
Common paths
List of common paths available here.
Login pages
SAP SID
SAP SID is a 3-character system identifier (e.g. DEV, QAS, PRD).
it identifies the entire SAP system / instance.
it is unique across your SAP landscape
it is used at OS level, database, transports, RFCs
SAP Client
A SAP Client is a logical, self-contained unit within an SAP system. Each client has its own:
users
data
customizing
authorizations
Common client numbers
000
SAP standard / reference client (delivered by SAP)
001
Copy of 000, often used as a template
100
Development / Sandbox
200
Quality / Test
300
Training
500
Production
501
Another Production or special business client
These numbers are conventions, not hard rules — companies can choose any 3-digit number.
Default credentials
User
Password
Client number
User type
SAP*
06071992
*
High privileges - Hardcoded kernel user
SAP*
PASS
*
High privileges - Hardcoded kernel user
IDEADM
admin
*
High Privileges - Only in IDES systems
DDIC
19920706
000,001
High privileges - User has SAP_ALL
EARLYWATCH
SUPPORT
066
High privileges
TMSADM
PASSWORD
000
Medium privileges
TMSADM
$1Pawd2&
000
Medium privileges
SAPCPIC
ADMIN
000,001
Medium privileges
SOLMAN_ADMIN
init1234
*
SOLMAN_ADMIN - High privileges - Only on SOLMAN systems
SAPSUPPORT
init1234
*
High privileges - Only on SOLMAN or satellite systems
#SOLMAN<SID><CLNT>
init1234
*
High privileges - Only on SOLMAN systems
AS ABAP 7.40 SP08 Developer edition
User
Password
Client number
DDIC
DidNPLpw2014
001
SAP*
DidNPLpw2014
001
DEVELOPER
abCd1234
001
BWDEVELOPER
abCd1234
001
AS ABAP 7.50 SP02 and 7.51 SP02 Developer Edition
User
Password
Client number
DDIC
Appl1ance
000,001
SAP*
Appl1ance
000,001
DEVELOPER
Appl1ance
001
BWDEVELOPER
Appl1ance
001
AS ABAP 7.51 SP01 and 7.52 SP04 Developer Edition:
User
Password
Client number
DDIC
Down1oad
000,001
SAP*
Down1oad
000,001
DEVELOPER
Down1oad
001
BWDEVELOPER
Down1oad
001
SAP CA Introscope Enterprise Manager
User
Password
Password hash
cemadmin
quality
acef2c15bcd349db90dffece73e1256e881c4416fc1f2d3a4946418349d9a
Admin
Admin89
cf25f327d28e3476c61fb03e3266b1fc41b9b35cf07051625bc47abd7fb82fe4
Guest
guest12
8e6ad9bcbdc9b401c641f1747474b48f22be38ad8b1da196d41a60518ce423
sapsupport
(String)null
f18335c36cccfb60f640db4a56c18634949882d2ce8de468fe2c1d0806b778c
Other credentials
Product
username
password
sap (web) client earlywatch
admin
Support
sap (web)
Administrator
manage
sap (web)
DDIC
19920706
sap (web)
Developer
isdev
sap (web)
EARLYWATCH
SUPPORT
sap (web)
Replicator
iscopy
sap (web)
SAP*
06071992
sap (web)
SAP*
7061992
sap (web)
SAP*
PASS
sap (web)
SAPCPIC
ADMIN
sap (web)
SAPCPIC
admin
sap (web)
SAPR3
SAP
sap (web)
TMSADM
<blank>
sap (web)
admin
axis2
sap (web)
ctb_admin
sap123
sap (web)
itsadmin
init
sap (web)
xmi_demo
sap123
sap client earlywatch
admin
Support
sap
Administrator
manage
sap
DDIC
19920706
sap
Developer
isdev
sap
EARLYWATCH
SUPPORT
sap
Replicator
iscopy
sap
SAP*
06071992
sap
SAP*
7061992
sap
SAP*
PASS
sap
SAPCPIC
ADMIN
sap
SAPCPIC
admin
sap
SAPR3
SAP
sap
TMSADM
<blank>
sap
admin
axis2
sap
ctb_admin
sap123
sap
itsadmin
init
sap
xmi_demo
sap123
SAP transactions (T-codes)
A transaction (T-code) is a shortcut command in SAP that opens a specific screen, program, or function.
User & Authorization
T-code
Purpose
SU01
User maintenance
SU10
Mass user maintenance
PFCG
Roles & authorizations
SUIM
User/role reports
SCC4
Client settings
Permissions management
T-code
Purpose
PFCG
Create / maintain roles
SU01
Assign roles to users
SU53
Last authorization failure
STAUTHTRACE
Detailed auth trace
SUIM
User/role authorization reports
SCC4
Client-level restrictions
System / Basis
T-code
Purpose
SM49
Execute commands on the application server's system
SM50
Work processes (instance)
SM51
Application servers
SM66
Global work processes
ST22
ABAP dumps
SM21
System log
ST02
Buffer analysis
RZ10
Profile parameters
RZ11
Display parameters
SPAM
Support packages
SNOTE
SAP Notes
Transport Management
T-code
Purpose
SE09
Transport organizer (Workbench)
SE10
Transport organizer (Customizing)
STMS
Transport management system
STMS_IMPORT
Import requests
ABAP / Development
T-code
Purpose
SE38
ABAP programs
SE80
Object navigator
SE11
Data Dictionary
SE16 / SE16N
Table display
SE24
Class builder
SE37
Function modules
SAT
Runtime analysis
SCI
Code inspector
Tables & Data
T-code
Purpose
SE16N
View table data
SM30
Maintain tables/views
SM31
Table maintenance
SQ01
SAP Query
SQ02
InfoSets
SQ03
User groups
DBACOCKPIT
Queries on the DB & check/modify DB configuration (e.g., connection, etc.)
Logistics / MM / SD (examples)
Area
T-code
Purpose
MM
ME21N
Create PO
MM
ME23N
Display PO
MM
MIGO
Goods movement
SD
VA01
Create sales order
SD
VA03
Display sales order
FI
FB60
Vendor invoice
FI
FBL1N
Vendor line items
FI
FBL5N
Customer line items
Monitoring & Performance
T-code
Purpose
ST03N
Workload analysis
SM12
Lock entries
DB02
Database analysis
AL08
Logged-on users
Navigation tips
Type
/n<tc>→ open T-code in same sessionType
/o<tc>→ open T-code in new sessionUse
CTRL + /→ command field
SAP HANA Database - SQL
UFLAG = 128-> user locked
SQL query
Purpose
select * from m_databases;
Show all databases
select CURRENT_USER FROM "DUMMY";
Show current user
select * from USR02;
Select all from users table
select * from USH02;
Select all from users table
select * from schemas;
Database schemas
select * from USR02 where BNAME='SAP*' and MANDT='000'
update USR02 set UFLAG='0' where BNAME='SAP*' and MANDT='000'
Unlock user (ex. unlock SAP* user)
Permissions
Core building blocks
Authorization Object
Technical object that checks permissions
It controls which transaction codes a user can run
Each object has fields (activities, org levels, etc.).
Authorization
It is a filled authorization object
Role (PFCG role)
Collection of authorizations
Assigned to users
Created/maintained in:
Roles can be:
Single roles
Composite roles (multiple roles bundled)
User
Receives permissions only via roles
Maintained in
SU01
How SAP checks permissions
When you run a transaction:
SAP checks S_TCODE
SAP checks object(s) behind the transaction
SAP checks org-level fields
If any check fails, the user is not authorized
Details via:
CommonRoles
Superuser
SAP_ALL
Full access to all transactions, data, customizing
🔥 Critical
Emergency / troubleshooting only
Upgrade Support
SAP_NEW
New authorizations after upgrades
🔥 Critical
Temporary after upgrades
Basis Admin
Z_BASIS_ADMIN
System admin, work processes, profiles, logs
🔥 High
SAP Basis team
Security Admin
Z_SECURITY_ADMIN
User & role maintenance (SU01, PFCG)
🔥 High
SAP Security team
ABAP Developer (All)
SAP_ABAP_ALL
Full ABAP development access
🔥 High
Dev systems only
Transport Admin
Z_TRANSPORT_ADMIN
Create/import transports (STMS, SE09)
🔥 High
Controlled change management
Table Maintenance
Z_TABLE_MAINT
Change table data (SM30, SE16N)
⚠️ High
Config / support
Customizing Admin
Z_CUSTOMIZING
Change SPRO settings
⚠️ High
Functional consultants
Firefighter / Emergency
Z_FIREFIGHTER
Temporary elevated access (logged)
⚠️ High
Production emergencies
User Display
SAP_USER_DISPLAY
View users & roles
🟡 Medium
Audit / support
Finance Power User
Z_FI_POWER
Post, reverse, pay financial docs
⚠️ High
Senior FI users
MM Power User
Z_MM_POWER
PO, GR, inventory changes
⚠️ High
Logistics leads
SD Power User
Z_SD_POWER
Sales orders, billing, pricing
⚠️ High
Sales ops leads
System Monitoring
Z_MONITORING
Logs, dumps, performance display
🟢 Low
NOC / support
End User
Custom business role
Limited task-based access
🟢 Low
Business users
Custom data
Data objects that:
start with
ZorYare not part of SAP standard
are created by customers or partners
This applies to:
tables
fields
programs
transactions
reports
roles
Last updated