Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

User validity

Former Member
0 Kudos

Hi Experts,

Please any one let me know your suggestions on below issue.

i.e. I have created one user id with validity date like 01.07.08 to 25.07.08 in his user master record.

On 25.07.2008 at 11:30 pm he has been accessing the server. can he able to continue his work after 12am (i.e. 26.07.2008) if he didn't logout from the system?

Regards,

Reddy V.

9 REPLIES 9

Former Member
0 Kudos

Yes.

0 Kudos

Hi Julius Bussche,

Thank you for your information.but how can I restrict this user id validation If this user ids is continuously working in the system with out logout from the system.

Please let me know you suggestions.

Regards,

Reddy V.

0 Kudos

Hi Reddy V,

You can restrict the validity of their roles (from , to, on "Roles" tab in SU01 or "User" tab in PFCG) to expire at the end of the day, and then shortly after midnight schedule report PFCG_TIME_DEPENDENCY to do a user compare.

They will still be logged on, but they will loose all their access when the profiles are removed... so they will probably logoff and go home.

Cheers,

Julius

PS: The above will not work for releases lower than 6.10.

0 Kudos

> how can I restrict this user id validation If this user ids is continuously working in the system with out logout from the system.

You mean 24/7? They're bound to get some coffee or something to eat at some point. Have a look at the profile parameter "rdisp/gui_auto_logout" to make use of these periods of inactivity.

0 Kudos

>

> You mean 24/7? They're bound to get some coffee or something to eat at some point. Have a look at the profile parameter "rdisp/gui_auto_logout" to make use of these periods of inactivity.

What if they remain active (not that there is anything wrong with that) or park the mouse on something which rattles it around all the time and hits "Enter" every 5 minutes.

The only realistic way I can think of is to limit the validity on the role assignment (and possibly prevent them from stopping the PFUD job - just incase this is an important requirement).

Cheers,

Julius

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
0 Kudos

>

> How can I restrict this user id validation If this user ids is continuously working in the system with out logout from the system.

Well, in addition to the role assignments (which can be removed time-triggered as Julius has mentioned) it's also worth mentioning that (even internal) RFCs, asynchronous updates, background jobs, etc will all fail if the account validity was exceeded. Since quite a lot of applications make use of RFC and/or asynchronous updates the user will be effected by the account expiration.

Former Member
0 Kudos

Perhaps you could just kill their session at 12:01 am using tcode SM04. They are not supposed to be on after the validity date so kiing their session should be OK.

0 Kudos

>

> Perhaps you could just kill their session at 12:01 am using tcode SM04.

Yeah, but then you have to set your alarm-clock for midnight as well

It is nicer if the system does it for you.

Cheers,

Julius

Former Member
0 Kudos

Thanks for you information