Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Query for inactive users via RSUSR200 invalid

Go to solution
Former Member

‎08-03-2009 9:20 PM

0 Kudos

Hello,

I run a query on the first of each month looking for any user account on our R/3 4.7E that have not logged in for 120 days. I lock out all inactive accounts. I have one user account that shows up each month as iinactive yet the user claims he uses the SAP system on a regular basis. I can look at his change documents and see that I have locked him out each month and then unlock him after he emails me. According to his change documents, he hasn't changed his password since Dec 2008 although we require a new password every 90 days. Through SM20, I have no recodrs for this user in a dialog login, RFC login, transaction start, etc for the past year.

I am not having this problem with any other user account. Any ideas?

Thanks,

Michael

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎08-03-2009 9:33 PM

0 Kudos

> I am not having this problem with any other user account. Any ideas?

Check the user type in SU01 as it might be SERVICE, but that is unlikely based on your description...

What you can do is disable CPIC logins and reject expired passwords for Dialog (and Communication) type users which are not via the screens of SAPMSYST (the logon program). That should cure the problem, but you would be well advised to first be sure that all your RFC connections and other "interfaces" have the correct user types set.

It is a blunt tool, but a good one IMO.

I would also ask the user how they are logging onto the system. Sounds like an Excel "system" and you are on 46C release?

Cheers,

Julius

ps: Also check your job step users and possible hardcoding of the user ID. Someone might have immortalized themselves in the system.

Edited by: Julius Bussche on Aug 3, 2009 10:35 PM

3 REPLIES 3

Go to solution
Former Member

‎08-03-2009 9:33 PM

0 Kudos

> I am not having this problem with any other user account. Any ideas?

Check the user type in SU01 as it might be SERVICE, but that is unlikely based on your description...

What you can do is disable CPIC logins and reject expired passwords for Dialog (and Communication) type users which are not via the screens of SAPMSYST (the logon program). That should cure the problem, but you would be well advised to first be sure that all your RFC connections and other "interfaces" have the correct user types set.

It is a blunt tool, but a good one IMO.

I would also ask the user how they are logging onto the system. Sounds like an Excel "system" and you are on 46C release?

Cheers,

Julius

ps: Also check your job step users and possible hardcoding of the user ID. Someone might have immortalized themselves in the system.

Edited by: Julius Bussche on Aug 3, 2009 10:35 PM

Go to solution
Former Member

‎08-03-2009 9:35 PM

0 Kudos

I would like to mark this question as answered. This user was not telling me the truth and has not logged in since December as I expected. He was just raising an issue to me for locking his account.

Go to solution
Former Member
In response to Former Member

‎08-03-2009 9:41 PM

0 Kudos

Strange. They could also have simply logged on...

Perhaps they just like mailing with you every 90 days... or have now found another user ID to use for this which is at the same time active via the SAPGui...

Do a check on users of type SERVICE.

Cheers,

Julius

Edited by: Julius Bussche on Aug 3, 2009 10:41 PM