Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User locked but SU01 showing it's not locked

Former Member

‎07-17-2007 9:36 PM

0 Kudos

One of our user can not login to SAP - getting user lock message but in SU01 or SUIM we couldn't see him locked. It's a normal dialog user. We are not using CUA. What could be the issue ? How to unlock this user ?

Please suggest.

11 REPLIES 11

Former Member

‎07-17-2007 9:38 PM

0 Kudos

sapman,

What does it show for the uflag field in table usr02. This is the table/field that shows the lock status.

Cheers,

Ben

Former Member
In response to Former Member

‎07-17-2007 9:58 PM

0 Kudos

UFLAG filed shows 0 not 128 or 64.

Please how can we allow this user to login

Former Member
In response to Former Member

‎07-17-2007 10:04 PM

0 Kudos

Also be sure the password has not been inactivated.

If that is not the case answer the following:

If the user is copied into another user is it able to logon? Also what is the exact error message?

Cheers,

Ben

Former Member
In response to Former Member

‎07-17-2007 10:13 PM

0 Kudos

Lock and Unlock the user, and ask the user to logoff and login again. When the user is logged off check for any open session running with this user ID

Former Member
In response to Former Member

‎07-17-2007 10:16 PM

0 Kudos

I'll try to find answers to that ASAP.

But how to check whether password inactivated or not ?

TIA

Former Member
In response to Former Member

‎07-19-2007 9:34 AM

0 Kudos

Yes benjamin. I checked that login/password_expiration_time is over for this user. BCDA1 field date is over. Now whether his password can be now reset using simple SU01 ? or delete/create this id is required. In some notes I read that "expired password can not be reset" - not sure whether that is true with this prof parameter or not ?

Our security team says they tried to unlock & also reset password but user still can't login. Thats why I'm asking whether delete/create of this id required to enable him login ?

Former Member

‎07-18-2007 1:44 PM

0 Kudos

I would reset the user's password and ask them to try to relogon.

You can find if a password is deactivated in SU01 in the "logon data" tab.

Former Member

‎07-19-2007 12:34 PM

0 Kudos

Hi

I am not sure what version you are runnig gbut The profile paramters

login/password_max_new_valid and login/password_max_reset_valid should not be used. This causes issues with users. I had the same issue where by I had to delete and recreate,I then took these parms out and never had the issue agaain

Former Member
In response to Former Member

‎07-19-2007 12:39 PM

0 Kudos

Ensure that the users account is with in the "validity" period. eg Vaild from / to period in SU01.

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎07-20-2007 3:52 PM

0 Kudos

@Moods: yes - have a kind look on <a href="https://service.sap.com/sap/support/notes/450452">SAP Note 450452</a>: refrain from using login/password_max_new_valid and use login/password_max_new_valid with care.

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert

‎07-20-2007 3:50 PM

0 Kudos

Advice: start transaction SE37 and test-drive function module SUSR_USER_PASSWORD_STATUS_GET.

Worse-comes-worse: use the tracing approach described in <a href="https://service.sap.com/sap/support/notes/495911">SAP Note 495911</a> to analyse the problem (which seems to be reproducable).

Cheers, Wolfgang