Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Lock Inactive Users

Former Member

‎06-12-2007 9:21 PM

0 Kudos

We want to lock users who have not logged in for 45 days or more. Is there a generic program/report SAP provides for this? How can I accomplish this?

7 REPLIES 7

Former Member

‎06-12-2007 9:29 PM

0 Kudos

Hello Fahad,

Please use report RSUSR200 or transaction RSUSR200 for this. Give appropriate values in selection screen and the report will give you the list of users who have not logged in for more than 45 days. There is a standard variant in this report for finding users who have not logged in for more than 90 days so you can use that as a reference. Then you can lock this list of users using SU01 orSU10 transactions.

Regards.

Ruchit.

Former Member
In response to Former Member

‎06-12-2007 9:34 PM

0 Kudos

Ruchit,

Thank you for the reply,

We want this process to be automated. We want to set up a background job to check each day whether the users have been inactive for 45 days. If so, then the job should lock them. I know how to retrieve the list of inactive users (via tcode SUIM or report RSUSR200), but locking each user in the output needs to be done automatically.

Former Member
In response to Former Member

‎06-12-2007 11:07 PM

0 Kudos

Nothing available in standard SAP for this. You need to write a custom report for this. Will be pretty simple.

Regards.

Ruchit.

Former Member
In response to Former Member

‎06-12-2007 11:10 PM

0 Kudos

Is there anyone with experience writing a custom report for such a task? If so would you mind sharing the code?

l_borsboom
Active Participant

‎07-09-2007 1:09 PM

0 Kudos

In Netweaver 2004s you can use parameter:

<b>login/password_max_idle_productive (unit days)</b>

It deactivates the password if not used for 'x' number of days.

Please also refer to for more solutions.

Kind regards,

Lodewijk

Former Member
In response to l_borsboom

‎07-09-2007 4:11 PM

0 Kudos

Hi,

The parameter <u>login/password_expiration_time specifies the

period of time after which the system prompts the user to change his

or her password.</u>

You use this parameter to set the maximum interval between the time

of the last password change and the next logon with this password.

After this period has passed, the message "Password was not used for

a long period and therefore deactivated" is displayed, and the logon

is rejected.

But if you are asking for Locking a User who has not logged in even after changing the initial password, than the above mentioned paremeter will not work and ther is no program given by SAP to lock users. You may have to do it manually.

Hope it helps.

Please award points if it is useful.

Thanks & Regards,

Santosh

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to l_borsboom

‎07-10-2007 6:05 PM

0 Kudos

Sorry Santosh, but you are wrong.

Lodewijk was correct when stating that as of NW 7.0 (aka NW 2004s) this functionality is implemented in the standard (see <a href="https://service.sap.com/sap/support/notes/862989">SAP Note 862989</a>).

In older releases, however, you need to use report RSUSR200 (manually).

Regards, Wolfgang