Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User is locked

former_member620387
Explorer

‎11-03-2010 12:36 PM

0 Kudos

Hi,

we have the following problem:

A user wants to login to CRM (portal) by Internet Explorer. In some cases the user cannot login into the system because after one try he gets the message that his user account is locked.

If the login is correct the error message is shown when the explorer is closed accidentally and the user wants to login to the system again.

I checked the profil-parameter login/fails_to_user_lock. It is set to 3.

Any ideas?

Regards

Bjoern

10 REPLIES 10

Former Member

‎11-03-2010 12:47 PM

0 Kudos

The user may have tried twice before and when he try again 3rd time the use will get locked. Is this issue for all the users or only one?

Former Member

‎11-03-2010 12:54 PM

0 Kudos

Hi,

If the parameter is set to 3, then the system should allow the user. However, if you are referring to the CRM portal, the backend parameter will not work.

If it is the backend system, enable SM19 audit log for the user to trace out if the ID is used by any one else with incorrect password.

Hope this helps!!

Rgds,

Raghu

Former Member
In response to Former Member

‎11-04-2010 8:40 PM

0 Kudos 
If the parameter is set to 3, then the system should allow the user. However, if you are referring to the CRM portal, the backend parameter will not work.

May I ask where you get this info from? Someone tried to convince me of it once before but it did not fly...

Anyway, I assume that logon tickets are being used here, so no passwords are involved nor evaluated (unless the system is instructed to do so in rz10 --> see login/password_change_for_sso.

Cheers,

Julius

Former Member
In response to Former Member

‎11-05-2010 4:59 AM

0 Kudos

Hi Julius,

It my understanding that the user to lock parameter value is not considered when the user ID source is portal and not an ABAP system.

Rgds,

Raghu

Former Member
In response to Former Member

‎11-05-2010 12:15 PM

0 Kudos

Hi Raghu and Bjoern,

Take a carefull look at the discussion and particularly Patrick Whitty's comments in relating to the Java UME policy being evaluated (but not affecting the UME source's policy - AD or backend).

Cheers,

Julius

Former Member
In response to Former Member

‎11-07-2010 12:11 PM

0 Kudos

Hi Julius,

Thanks for pointing to the right thread. Was out of the doubt now

Rgds,

Raghu

chris_hall2
Participant

‎11-04-2010 8:00 PM

0 Kudos

Have you compared terminal ID's? Users terminal to the terminal referenced in SAP as doing the lock.

Former Member
In response to chris_hall2

‎11-04-2010 8:31 PM

0 Kudos

Good observation!

If the user closes the browser and the session state is held on the backend, then logging in via SAPgui or a iView to start the session_manager might be triggering some code in the backend to lock the user for multiple concurrent logins.

--> Check the program susr0001 to see whether there is any code in the exit there.

Note: locking the user has no effect once they are "on the inside" so the code in the exit which "only" locks is possibly useless anyway...

Cheers,

Julius

former_member620387
Explorer
In response to chris_hall2

‎11-05-2010 8:55 AM

0 Kudos

Hi Julius,

that´s really a good observation. I will check it because the user told me that he has closed the explorer. After that he has only one try to login again.

Regards.

Bjoern

former_member620387
Explorer
In response to chris_hall2

‎11-05-2010 10:07 AM

0 Kudos

Could it be a solution to deactivate cookies in internet explorer?