Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Report RSUSR200 having problems

Go to solution
former_member275658
Contributor

‎07-13-2010 9:51 PM

0 Kudos

Hi All,

We are seeing incorrect results in RSUSR200/SUIM when looking for inactive users (users who have not logged on >90 days).

For example, a user logs in daily but the report RSUSR200 show that user as inactive. Like this we got couple of emails which cause me to wonder is RSUSR200 is correct or not.

Please let me know if anyone faced this bug in report RSUSR200 and how they resolved it ?

Regard's

1 ACCEPTED SOLUTION

Go to solution
Bernhard_SAP
Employee
Employee

‎07-14-2010 8:08 AM

0 Kudos

Hello,

if you have applied already note 1007027 as Martin suggested and the problem persists, you should open a message for SAP support. (but: propably they will need to debug as well on your system.... )

b.rgds, Bernhard

17 REPLIES 17

Go to solution
Former Member

‎07-13-2010 9:56 PM

0 Kudos

This message was moderated.

Go to solution
mvoros
Active Contributor

‎07-13-2010 9:58 PM

0 Kudos

Hi,

It's always a good idea to search for OSS notes if you think that problem is in SAP. There are couple of notes related to report RSUSR200. For example Note 1007027 might help you.

If you have some debugging skills or access to some developer then you can try to debug why report is picking those users. It shouldn't be that hard.

Cheers

Go to solution
former_member275658
Contributor

‎07-13-2010 10:49 PM

0 Kudos

Franklin and Martin,

Thanks for quick response! I really got to know much about this report.

Just to confirm this report is working fine. I never tried debugging.

1. Can you please tell me where I can debug with the help of a developer as the debug auth are not allowed in our Prod systems.

2. How should I check which user the report catching correctly.

Go to solution
Former Member
In response to former_member275658

‎07-13-2010 10:58 PM

0 Kudos

salman,

1. Can you please tell me where I can debug with the help of a developer as the debug auth are not allowed in our Prod systems.

NOT in production system. you can check in Development system

2. How should I check which user the report catching correctly.

IIn User histroy

Thanks,

Sri

Go to solution
Former Member
In response to former_member275658

‎07-13-2010 11:01 PM

0 Kudos

You will pick up your action while running the report

then use /H before you execute the report, but this is a developer activity.

once you do this , it will open up the codes related to the report.

I am not not expert in this, I have only watched developers doing this.

/H is the key to debug.

There is another way I have seen developers doing sometime going to system---> status --> and double clicking the report

and adding break points.

Go to solution
mvoros
Active Contributor
In response to former_member275658

‎07-14-2010 12:19 AM

0 Kudos

Sometimes it's impossible to reproduce an error in QA or development system. In these cases you need to debug in production. The developers should not have right to change variables in production.

The debugging of just report should be pretty easy. Basically, you report just selects data from multiple tables and combine them into result which is displayed at the end. So you can try to follow program logic and see where you lose your user. To speed up your debugging you can limit your selection to just your user and see why it's not included into result.

Cheers

Go to solution
Former Member
In response to former_member275658

‎07-14-2010 12:39 AM

0 Kudos

Hi Martin,

Sometimes it's impossible to reproduce an error in QA or development system.

Yes thats true. But we have different approach like go for firefighter role in prod system with proper approvals.

2. depends on your urgency.

Security policy : iMake sure no access to changes in production system / No debug option (S_Develop)

Thanks,

Sri

Edited by: sri on Jul 13, 2010 7:51 PM

Go to solution
Former Member
In response to former_member275658

‎07-14-2010 10:20 AM

0 Kudos

> 

> then use /H before you execute the report, but this is a developer activity
>

Have a play with it & you will soon see that it's useful for us non-developers. Just being able to set a BP on AUTHORITY-CHECK and looping through the code is invaluable tool for security to have.

Go to solution
Bernhard_SAP
Employee
Employee

‎07-14-2010 8:08 AM

0 Kudos

Hello,

if you have applied already note 1007027 as Martin suggested and the problem persists, you should open a message for SAP support. (but: propably they will need to debug as well on your system.... )

b.rgds, Bernhard

Go to solution
former_member275658
Contributor

‎07-14-2010 8:30 AM

0 Kudos

Thanks for your suggestions.

Could you please suugest me the best approach for this ?

1. Is USR02 table more reliable than report RSUSR200/SUIM ?

2. If not USR02 then how should I make a test case in QA and debug report RSUSR200 in QA or Dev with a developer ?

Please dontmind, I never faced this issue with this report before and checked that patches are up to date from Basis side.

Go to solution
Former Member
In response to former_member275658

‎07-14-2010 8:48 AM

0 Kudos

Salman,

1. Is USR02 table more reliable than report RSUSR200/SUIM ?

In my view RSUSR200 / USR02 is more reliable, Not SUIM

Users Valid Today

Users Not Locked ; Users Locked

Users with no incorrect Logon attempts

Dialog Users

Users with Productive password

Users with initial Password

users with deactivated password

2. If not USR02 then how should I make a test case in QA and debug report RSUSR200 in QA or Dev with a developer ?

I better suggest ask ABAP devloper to do debug. If you know the steps for debugging then you can proceed, But you need to have access to se38 ...

Still facing problem, as suggested by Ben raise a ticket with SAP.

Thanks,

Sri

Go to solution
Former Member
In response to former_member275658

‎07-15-2010 11:20 AM

0 Kudos

> 

> 1. Is USR02 table more reliable than report RSUSR200/SUIM ?
> 
> In my view RSUSR200 / USR02  is more reliable, Not SUIM
>

Hi Sri, can you please clarify that comment. Running SUIM -> Users -> By logon date & password change will execute RSUSR200 so unless there are some dodgy parameters passed into the program for execution, the results will be the same.

Maybe I have misunderstood what you are saying?

Go to solution
Former Member
In response to former_member275658

‎07-15-2010 1:07 PM

0 Kudos

This reminds me of one of my all-time favourite interview questions -->

Go to solution
former_member275658
Contributor
In response to former_member275658

‎07-21-2010 11:23 AM

0 Kudos

Thanks all

Go to solution
former_member275658
Contributor

‎07-14-2010 8:46 AM

0 Kudos

Hi Bernard,

I checked that the patch level is higher than recommended in the Note 1007027. This note correction comes in SAPKB70011 and we are on SAPKB70014 currently. I think, this correction is already applied automatically.

Regard's

Go to solution
Former Member

‎07-14-2010 3:43 PM

0 Kudos

Interpreting single fields of SAP tables yourself is always risky, and in this case I know that it is easy to make mistakes. Rather use the report and consider why the result is not that which you are expecting and SAP should return in the list.

Having said that, a possible explanation is that someone else interpreted a single field of the table and updated it....

Please post the field values of 1 of the users where this happens (not not the HASH-codes in the BCODE or OCOD* fields...).

Cheers,

Julius

Go to solution
Bernhard_SAP
Employee
Employee

‎07-15-2010 10:40 AM

0 Kudos

>

> For example, a user logs in daily but the report RSUSR200 show that user as inactive.

>

Does this user log in with SAP GUI or by other ways, for instance portal etc....?