Where used - For a user

Former Member · ‎01-18-2010

Hello Experts,

My user is getting locked very often, i think, some jobs / RFCs using my id, in which a wrong / old password is saved. In SM21 also i can see that, user has been locked due to incorrect login, eventhough i have not made any login during that time.

I am just wondering, is there anyway, i can find out, where all my user is used. And which is causing my user to get locked.

Regards

Jose

Former Member · ‎01-18-2010

Try to remember where you might have entered your PWD into some config credentials before? This is the most common cause, together with an open to "Remember password".

Depending on where you stick your password into you might have a tough time trying to remove it again, but you should be able to find it in SM20N if you prior activate an SM19 dynamic filter for your user ID (event class logon).

If locked via incorrect password attempts, then a terminal will also be available in SM21 (SysLog) for the event.

These are the standard "vanilla" ways of finding it which you could also have found via a search. There are more advanced techniques, but you will in most cases not need them if you get all the basic of your system config right (activating audit log for critical events, monitoring syslog, etc).

Sometimes it is also just bad programming habits. Sharpening the password rules or converting to unicode sometimes help highlight these...

Cheers,

Julius

Former Member · ‎01-18-2010

ps: You should also consider that you possibly have a shared user ID, and someone still thinks that it is 'SUMMER09' . The security audit log is the correct tool for this symptom ...!