Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP* Login History

Former Member

‎09-06-2012 7:04 AM

0 Kudos

Hi everyone,

I have noted the following weakness in a system: SAP* account is deleted and the parameter (login/no_automatic_user_sapstar) is set to "0". This would allow login with SAP* using the default password "PASS".

My question is as follows:

Would it be possible to find the login history related to a deleted SAP* user in this scenario? We have actually tried to login using SAP* and the default password but non of the available reports showed this "Login event".

Many thanks in advance

5 REPLIES 5

Former Member

‎09-06-2012 10:50 AM

0 Kudos

I've not tested this but I think this is picked up in the sec aud log.

Former Member

‎09-06-2012 12:06 PM

0 Kudos

ST03N.

Former Member
In response to Former Member

‎09-06-2012 1:16 PM

0 Kudos

Thanks Henry,

How can I locate it in ST03N??

Former Member
In response to Former Member

‎09-12-2012 5:42 AM

0 Kudos

ST03N

go to expert moden -> choose period

in analysis views choose user and settlement Statistic -> user profile

Former Member

‎09-07-2012 8:30 PM

0 Kudos

SAL does an existence check.

You must have at least created the user (should do anyway) or have relaxed the existence check (rsau/user_selection = 1).

If you are fast enough, you can use STAD. Otherwise you have aggregated data in ST03N.

If the logon actually "did" something during the session, it will also leave other various "skid marks", particularly if it tried to do something fancy.. 

Julius