on 10-07-2011 8:40 AM
Hi,
I have a user that is locked in SU01.
Is there anyway to identify the responsible hostname/IP that cause the lock?
I've found the SM21 entry but does not contain the info I need?
Any suggestions?
Kind Regards,
Chris
I've found the SM21 entry but does not contain the info I need?
You should find the info about the hostname under "Terminal" on the SM21 log for the locked user
Regards
Juan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
BTW: If you change the user type from COMMUNICATION to SYSTEM then it will no longer have the ability to change it's own password at logon and no longer be required to.
If you set the RZ10 login/passwordidle parameters (recently?) then these affect COMMUNICATION type users, but not SYSTEM users.
You should use SYSTEM users for RFC. Communication type iseffectively obsolete...
Cheers,
Julius
Hello Chris,
You can find information about a user locked in SU01 from transaction SUIM:
SUIM->Change documents -> for users. Then, in selection criteria mark attributes related to lock action.
I hope this helps you.
Regards,
Blanca
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Blanca,
Thanks for the suggestion,
Unfortunately this info only gives me which user caused the lock. (changed by)
|User |Date |Time |Changed by|Action |Old Value |Text for Value |New Value |Text for Value |TCode|
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
|com_user|07.10.2011|01:14:44|com_user |Lock changed | 0|Not locked | 128|Incorrect Logon Lock|KRNL |
In this case, its the com_user that is locking itself.
Still no indication from where (i.e. hostname/ip)
Thanks,
Chris
I understand that you have closed the thread, but perhaps that was a bit too fast...
There is a way of getting this information (source host and even client destination name) but I see from your public profile that you work for the South African Revenue "Services".
Since 10 years you folks owe me some tax back but have ignored my requests and just sent me more forms which I have to fill out each time... so... if you want my help then you will first have to pay my tax return back.
Sorry, I have been waiting for this moment each year for 10 years, so could not let it go.
You have 24 hours to answer, because after about 24 hours (depending on system load and configuration) the data is no longer there (source IP data). To keep the timestamp in the statfile record you must apply for an extension before the first 60 days since the user lock happened have elapsed (because there is still a way to get it back but you have to pay a fee), otherwise it gets reorged.
Cheers,
Julius
ps: What sort of authorizations does the user have? I am looking for something like BAPI_TAXRETURN_PROCESS_INBOUND for when you post the IP addresses.
Edited by: Julius Bussche on Oct 8, 2011 9:29 PM
Attempt to re-open the thread, because the password lock is likely to happen again...
Hi Julius,
Thanks for the reply.
I've gone to transaction STAD, but cannot see any hostname information?
tarted Server Transaction Program T Scr. Wp User
* * * com_user
0:39:42 qasr3ci0_QKR_00 <AD_RESET_USR02> G 1 com_user
0:39:43 qasr3ci0_QKR_00 <AD_RESET_USR02> G 1 com_user
0:39:48 qasr3ci0_QKR_00 <AD_RESET_USR02> G 1 com_user
FYI, SM19/SM20 works, but you need to set it up beforehand.
Kind Regards,
Chris
Did the calls lock the comm_user again?
STAD only keeps the data for about 24 hours, but if this is "fresh" data then what you are looking for is is the program = RFC and Type = R.
If you double-click it and then choose button "RFC" and then "Details of Connection" (it should be a green coloured '1') then it will show you the host and IP address of the connection partner.
Otherwise you willl have to go to ST03N RFC server profiles or wait for the lock to happen again and catch it in SM20.
Cheers,
Julius
ps: Thanks for your mail about the tax problems. I will send you the details.
Hi Chris,
First try to find out the reason why the user got locked. There can be many reasons and it could be clear from User change log I think.
Thanks
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
The reason is a several incorrect log-in attempts.
Some more background;
the user is a communication user, which is shared with several 3rd party systems.
I know a suggestion might be to create individual users for each system.
But I still would like to know if there is a answer to my original question?
Kind Regards,
Chris
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.