09-06-2012 7:04 AM
Hi everyone,
I have noted the following weakness in a system: SAP* account is deleted and the parameter (login/no_automatic_user_sapstar) is set to "0". This would allow login with SAP* using the default password "PASS".
My question is as follows:
Would it be possible to find the login history related to a deleted SAP* user in this scenario? We have actually tried to login using SAP* and the default password but non of the available reports showed this "Login event".
Many thanks in advance
09-06-2012 10:50 AM
09-06-2012 12:06 PM
09-06-2012 1:16 PM
09-12-2012 5:42 AM
ST03N
go to expert moden -> choose period
in analysis views choose user and settlement Statistic -> user profile
09-07-2012 8:30 PM
SAL does an existence check.
You must have at least created the user (should do anyway) or have relaxed the existence check (rsau/user_selection = 1).
If you are fast enough, you can use STAD. Otherwise you have aggregated data in ST03N.
If the logon actually "did" something during the session, it will also leave other various "skid marks", particularly if it tried to do something fancy..
Julius