on 04-22-2008 9:48 AM
hi,
my system will lock ID after 3 failed login attempts. if there is one id always got locked up but the failed login attempts was not done by the owner itself, how do we check from which IP or terminal is trying to access to that id and make it locked ?
suspect other users are trying to be playful and trying wrong password to purposely lock the id. how do i catch the culprit ?
i did try to use STAD to capture the activity, in the log it has the record there is failed logon, but didn't show the Terminal ID.
comment and advice will be appreciated.
thanks.
Regards,
kent
forced to make it answered
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
first you activate security audit log in sm19 after that you can analyze the security audit log in sm20n .
Regards,
Maheshwer.p
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
hi Maheshwer,
this is a good idea also, but i can only activate the audit log after the user complained his/her id is locked.
i did try to activate a profile in SM19, after the activation it says
" Audit profile TESTING2 activated for next system start" , does it mean i need to restart SAP system to make it active ?
thanks.
regards,
kent
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.