cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User password copy from one client to another

Go to solution
former_member325638
Participant

on ‎02-06-2013 10:37 AM

0 Kudos

Hi All,

Due to urgent audit requirement; we have to run some report in client 066 of production system and send back to auditors.

But we are facing problem as no one is aware of any user's password in cleint 066. Tried ‘support’ for earlywatch user;  ‘06071992‘ and 'pass‘ for sap* but did not work.   One option we thought of was to delete sap* at OS level for client 066 and login with pass. But parameter "login/no_automatic_user_sapstar" is set to 1 and we cannot restart all production systems twice for doing this activity.

Could anyone please help what are the options here. Please advise if anyone is aware of sql query to copy password of any user from one client to another or to export a user from one client and import to another etc.

Thanks,

Varun

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Reagan
Advisor
Advisor
‎02-06-2013 12:38 PM
0 Kudos

Hello

If you have a user ID and password of a client and if that user is also present in client 066 then you can update the BCODE of the user on client 066 with the one from the other client along with other fields like PWDCHGDATE etc. It is not a standard practice but a dirty trick. it works.

Cheers

RB

Show replies
Show replies
former_member325638
Participant
‎02-06-2013 12:53 PM
0 Kudos

Thanks RB for your reply.  Actually are not worried about changing any fields like pwdchgdate etc and we want to keep them actual. Only requirement is to find some user/password to login to 066. We are not able to do it at SAP level; so trying to do this at sql. Could you please elaborate and share the comand  how atht can be done.

Thanks

Varun

Reagan
Advisor
Advisor
‎02-06-2013 2:34 PM
0 Kudos

Hello

You need to update the fields BCODE, PASSCODE, PWDCHGDATE of the USR02 table for a particular user on MANDT 066 with the details from the other client.

I don't know what database your system is running so cant frame one for you.

Don't forget to commit it.

Cheers

RB

former_member325638
Participant
‎02-06-2013 2:38 PM
0 Kudos

Thanks a lot Reagan

Reagan
Advisor
Advisor
‎02-06-2013 2:48 PM
0 Kudos

Assuming that you have an Oracle database and schema is SAPSR3 here is it the SQL statement for you.

update sapsr3.usr02 set

BCODE = (select bcode from sapsr3.usr02 where bname='&&user_name' and MANDT = '&&source_client')

,PASSCODE  = (select PASSCODE from sapsr3.usr02 where bname='&&user_name' and MANDT = '&&source_client')

,PWDCHGDATE = (select PWDCHGDATE from sapsr3.usr02 where bname='&&user_name' and MANDT = '&&source_client')

where bname='&&user_name' and MANDT='&&TARGET_CLIENT';

If the schema is different then replace SAPSR3 with the one you have.

You will be asked for the username and source client and then the target client.

Make sure that the user name is same and present on both the clients

I apologize if you have a different database.

Good luck

Cheers

RB

former_member325638
Participant
‎02-06-2013 2:53 PM
0 Kudos

Thanks RB,

I wrote the sqls. Actually was not aware of the field names. It worked fine. I have updated PASSCODE and BCODE. It prompted for a new password to be set while logged into 066. Could you please advise whether updating pwdchgdate is also necessary.

Thanks again for your help

Varun

Answers (2)

Answers (2)

Former Member
‎02-06-2013 10:56 AM
0 Kudos

Normally we dont login any other client other than production client to take any report for auditing,

Auditing will be done for production client ,066 client is not meant for us,its for SAP

For my knowledge can i know what kind of the report they are telling you to run in 066?

Show replies
Show replies
Former Member
‎02-06-2013 10:59 AM
0 Kudos

That's a good point. It may be possible to run the report in another client and get the same results. What report are they asking you to run?

Steve.   

JPReyes
Active Contributor
‎02-06-2013 11:13 AM
0 Kudos

Absolutely agree with that comment

Former Member
‎02-06-2013 11:19 AM
0 Kudos

Hi,

As its production system, I would suggest you to stick to the SAP standard procedures. Take system downtime -> activate SAP* -> run the audit reports -> deactivate SAP* -> release for users. If urgent downtime is not possible then schedule the activity for the maintenance window.

Regards

Mudasir.

former_member325638
Participant
‎02-06-2013 11:21 AM
0 Kudos

Hi Steve,

The report is to be run in every client as it is related to users and different in each client. We need to find last logon and password change details of all standard users  like ddic, earlywatch, sap* etc in every client. For this we execute suim > user by logon date and password change > execute with all options selected.  I hope htis clarifies; why we cannot find this from any other client. Also; we will be able to keep one user's password in 066 for any such future requirement.

Regards

Varun

Former Member
‎02-06-2013 10:51 AM
0 Kudos

If you have DB access, you should be able to copy the password fields from table USR02 for a client/user you do know the password for, overwriting those fields for an existing user (I suggest sap*) in 066. The field you want to copy is OCOD1 for the current password.

That said, this appears to have changed since last time I tried this. It looks like it is true still on my 4.7 system, but not for my ERP6/EHP5 system. I don't know how it has changed, nor where the password is in the new system. You'll need to check your system to see if this would work for you.

Steve.

Show replies
Show replies
former_member325638
Participant
‎02-06-2013 11:08 AM
0 Kudos

Hi Steve,

Thanks for your reply. We know DDIC password in client 000;100. And we have acess to DB server as sidadm. From there; earlier I have successfully unlocked user on our EHP system with commands like below

SQL> update <schema name>.usr02 set uflag='0' where bname='user' and mandt='000';

I am searching for something similar using which password can be copied but not able to find sql statement which can help in this. We have approvals from management to go for it and overwrite any user's password in 066 and no one in organisation knows it; but we are not able to do it. Could you please help.

Thanks

Varun

Ask a Question