Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to check the IP / terminal name that tried to login ?

Former Member

‎04-22-2008 8:32 AM

0 Kudos

hi,

my system will lock ID after 3 failed login attempts. if there is one id always got locked up but the failed login attempts was not done by the owner itself, how do we check from which IP or terminal is trying to access to that id and make it locked ?

comment and advice will be appreciated.

thanks.

Regards,

kent

4 REPLIES 4

jabella
Employee
Employee

‎04-22-2008 10:07 AM

0 Kudos

Hello Kent,

You can check this using the audit transaction SM21.

You should find a record telling the user was locked and will also show you the terminal where the logon was attempted.

Regards, Jose

Former Member
In response to jabella

‎04-22-2008 10:11 AM

0 Kudos

hi jose,

i don't think i can find fail login record in SM21. i have tried to make a failed login attempt, but it is not captured.

SM21 is System Log not an Audit Transaction.

regards,

kent

Former Member
In response to jabella

‎04-22-2008 11:33 AM

0 Kudos

Hi Jose,

You are right. Locked id will be captured in SM21.

Early on I was trying with wrong password only but the ID still not locked yet that's why not captured in SM21.

If on the third failed attempts only it locked the ID, that means the first and second failed attempts will not be captured in SM21.

Anyway, thanks.

regards,

kent

Former Member
In response to jabella

‎04-22-2008 12:23 PM

0 Kudos

Hi Kent,

I'm pretty sure this info is recorded in the security audit log (SM20) if you have it activated.