Hi Michale,

I understand that, but I have one key already! I want to use that one... I can view DEVACCESS Table key shows there, I just want to put my name on it... or in other words, how to put new key what is the procedure?

Thank you for reply... please let me know if you have any clue...

Angeline

Hello Angeline,

First of all not a good thing to do.

Secondly if I remember devacess structure correctly since you already have a key it would not allow you to change user assignment because of primary key constraints.

In case you have an R/3 or ECC system you can make the changes using SE16N(&sap_edit) or in general of any release through direct DB upgrade but in this case ieven that won't work because of primary key constraint.Anyways I would not recommend making such a change even if there was not a primary key constraint. In a way it is wrong and it might still not work even after making changes to devacess because of subsequent checks.

Regards.

Ruchit.

Sorry, that will not work as the key will not match the changed UID name - no matter how many dark tricks you try on the table the system will request a key for your sy-uname and sy-uname is an attribute in the key.

You cannot change sy-uname (even in the debugger you cannot do it) without being logged on as the user ID...

What you can do is hijack the user ID itself, but that is not very nice and if it is still used then they will probably notice it if you are clumsy

The system will also write entries to an obscure table because of the inconsistency and SAP will ask about it in the license measurement...!

Cheers and nice to see you back again!

Julius

Edited by: Julius Bussche on Dec 23, 2009 10:52 PM

Hello Julius,

Thanks. Of course I agree with what you say. That is why I had mentioned : "it might still not work even after making changes to devacess because of subsequent checks.".

Elaborating on subsequent checks:Most likely the hash function/algorithm that validates the dev access key would not accept the user-id devaccess combination.

I have never tried these dark tricks for this so don't know for sure how would it behave but most likely the hash function would invalidate the key itself as you mention.

Regards.

Ruchit.

Hi Ruchit,

What is more important is that there is a "salt" in the hash in higher releases if you try to hijack the ID.

This is intentional but currently by default it is optional.

It is intended to prevent "tricks" such as this.

I won't say more - people who want to use the system this way can face the consequences at runtime

Merry christmas,

Julius

> So to resume... you either hijack the user by changing the password and logon with it or request a new developer key in SAP marketplace.

Yes, those are the 2 options, together with "jump the wall" (see the comments in the code before the c-call).

But changing the pwd will be disruptive to the user... and SAP will see it in the license measurement.

In addition to DEVACCESS having primary keys, USR41 has used foreign keys in SAPMSYST.

The correct way is to request a developer key from SAP, or have one delivered with the system for experimental purposes(BCUSER, etc).

Everything else is a "hack" and is not guaranteed to work consistently.

Cheers,

Julius

Yes, there are valid use cases to reset a developers password (editor locks, etc).

I have my doubts about whether that is the case here... lets wait for "TA's" explanation why she did not reset the pwd.....

Cheers,

Julius

First of all Merry Christmas you all

I really appriciated your time and discuss, so bottom line is there is no back-door to do that... I think that big enough for me ( I 100% understand the good way to get key from SAP...

Very nice...

Thanks again

Angeline