- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
User Lock
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2008 9:56 AM
Hi,
Is there a way to set a list of users that cannot be locked,even if we try to lock them manually,and even if they fail connection (wrong password)?
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2008 10:14 AM
> Is there a way to set a list of users that cannot be locked,even if we try to lock them manually,
Yes. You need to protect them in a secure user group and restrict authority for object S_USER_GRP activity '05' for the value of that group they are in.
> and even if they fail connection (wrong password)?
That would be a password lock. The user (and others) can always do this to themselves if they need a password.
To my knowledge you can only disable this globally for the whole system (param login/fails_to_user_lock) and not for one group.
An alternate option is trusted connections and deleting the password. In that case you can control who can logon and not possibly lock (for failed password reasons) the specific users via a special authorization object => S_RFCACL. (but you should read the docs carefully because it is powerfull).
Cheers,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2008 10:14 AM
> Is there a way to set a list of users that cannot be locked,even if we try to lock them manually,
Yes. You need to protect them in a secure user group and restrict authority for object S_USER_GRP activity '05' for the value of that group they are in.
> and even if they fail connection (wrong password)?
That would be a password lock. The user (and others) can always do this to themselves if they need a password.
To my knowledge you can only disable this globally for the whole system (param login/fails_to_user_lock) and not for one group.
An alternate option is trusted connections and deleting the password. In that case you can control who can logon and not possibly lock (for failed password reasons) the specific users via a special authorization object => S_RFCACL. (but you should read the docs carefully because it is powerfull).
Cheers,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2008 10:16 AM
Hi Deepak,
From my knowledge point of view there is no way to set the user-ID unlocked.You can develop customized program with the help of ABAP people , which will send an email to administrators if the particular user-ID get locked through incorrect logon or manually. We have developed the same to avoid background job failure due to user lock.
Regards,
Sneha
- SAP Managed Tags:
- Security
