on 11-18-2015 4:21 PM
Hello,
I'm pretty new here and i am not sure if this is the right place to ask for a recommendation but here is my question:
I would like to find out where exactly to look for SAP user info (such as user id, password, etc) is stored in SQL data tables.
I know user maintenance is SU01 on SAP side, but need to do SQL side browsing to check and verify if the password is hashed.
Can anybody help me please?
Thank you
Hello Deniz,
Here is the SQL you are looking for;
select MANDT, BNAME, BCODE, PASSCODE, PWDSALTEDHASH, UFLAG from USR02
You can see the detais of fields using SE11 transaction.
Regards,
Yuksel AKCINAR
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
For some reason it doesn't work.
It comes back saying: Invalid object name 'USR02'
USR02 shows up as a sys.object but i cannot browse the contents of it.
On SAP side i go to SE16 and then USR02 to see all the information about the users.
My question is where to look at on SQL side to see the same information.
Thank you,
Kind Regards,
Deniz
Hello Deniz,
I am not sure about the hash code.
But when I didnot know the pasword of a user, I was copying the BCODE and PASSCODE values of another user (that I knew the password).
Then I could login with the password I knew to the system.
In newer versions PWDSALTEDHASH field also added to these 2.
Regards,
Yuksel AKCINAR
Hello Deniz,
You can use below sql scripts in SQL Console;
select MANDT, BNAME, BCODE, PASSCODE, PWDSALTEDHASH, UFLAG from [SID].[sid].USR02 where BNAME IN('<Username Password known>', <User name password unknown>)
update [SID].[sid].USR02
set PWDSALTEDHASH = (SELECT PWDSALTEDHASH FROM [SID].[sid].USR02 WHERE BNAME = '<Username Password known>' AND MANDT ='000')
where BNAME ='<User name password unknown>' AND MANDT = '100'
update [SID].[sid].USR02
set PASSCODE = (SELECT PASSCODE FROM [SID].[sid].USR02 WHERE BNAME = '<Username Password known>' AND MANDT ='000')
where BNAME ='<User name password unknown>' AND MANDT = '100'
update [SID].[sid].USR02
set BCODE = (SELECT BCODE FROM [SID].[sid].USR02 WHERE BNAME = = '<Username Password known>' AND MANDT ='000')
where BNAME ='<User name password unknown>' AND MANDT = '100'
Regards,
Yuksel AKCINAR
User | Count |
---|---|
95 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.