Auto-logout of dialog type users connected via trusted system
Hello,
We have System AAA. In this system we have users 1234 and 4321 of dialog type.
User 1234 logs in via SAP GUI.
User 4321 logs in via trusted system BBB.
We have set rdisp/gui_auto_logout to 30 seconds.
User 1234 is logged off after 30 seconds.
User 4321 is never logged off.
How can we force user 4321 to be automatically logged off after 30 seconds?
Peter
With (Trusted) RFC calls in general you are calling a function module and not a transaction. Okay, the FM might call a transaction in a new task and present it to look exactly like a transaction which had been started locally, but if you look in SM04 on that server then you will see that the protocol is not DIAG but rather RFC for the sessions.
So, what you can do for such current user context trusted RFC calls which are dialog capable and interactive with the SAPGui, is simply call FM RFC_CLOSE_CONNECTION whenever you want the connection to the current user to be closed.
Of course, if the user is fast and your security design is sub-optimal, then even 30 seconds might not help you (from a security perspective).
I remember mention a while ago about a profile parameter which gives you an option to timeout an idle but open RFC connection. I tried a quick search but did not find it again. If you keep an eye out for the legendary term "Wolfgang" when searching together with "auto" "timeout" "logout" etc terms then you should be able to find it with some patience.
Please also see the OSS notes on RFC_CLOSE_CONNECTION. You will find more infos there and possible the optional parameter as well.
Cheers,
Julius
Similar Messages
-
Hi,
Is there any way where we can logout users of type RFC which are idle for certain time ?
For example using parameter "rdisp/gui_auto_logout", we can automatically logout dialog user if the user is inactive for a specific period of time in seconds.
Similarly is there any parameter or way where we can logout RFC type users which is idle for a specific period?
Thanks in Advance,Hi,
You can use SM59->Select RFC-> Special Options-> Keep alive timeout.
Please also check parameter gw/keepalive.
Note: I never used this before. But I am sure this will help you.
Manoj Chintawar -
Tell me the perameter to set maximum gui auto logout time for limited users
hi gurus...
i want to know the perameter to set the maximum gui auto logout time for limited users...
at present i have auto logout time as 30 minutes..but i need to set the value as 10 minutes for some group of user...
if any one know any perameter plz let me know..
thanks in advance,
chaitanya...Hi Chaitanya,
I don't think theres a specific parameter to achieve this, but you can set the value of rdisp/gui_auto_logout to 10 in one of the instances and create a new logon group for this users.
Hope this help!
Juan
Please reward with points if helpful -
Gilson 307 pump which are connected via a system interface module 506C
hello,
I have a master's thesis received the task to control gilson pumps.
Unfortunately I have no experience with LabView.
It is generally possible to steer the pump? I read a lot and it will describe this is not possible. But I have a compoliertes Pogramm and unfortunately can not get the source code and the driver. There you can control the pumps.
Can one of you help. I would be very grateful.
hardware:
three Gilson 307 which are connected via a system interface module 506C. The interface module is connected via an RS232 connection.
LabView 2012
Thank you very much in advance and best regards
MichaelThanks for the extra comments GerdW.
Perhaps there is someone who wants to help me, in the manual are not the commands available. Even the technicians of Gilson I could not tell from his documentation of the command sets.
many greetings
Michael -
I have 2 imacs connected via ethernet through a router.
A file got deleted from my computer by the user on another imac but it hasnt shown up in my trash or his?
is there a way to find it?This is normal (if somewhat unfortunate). His system should have warned him that the file would be deleted immediately instead of moved to the trash and asked him if it was OK to to do that.
You'll need to recover it from your backup disk, if you have one. -
Auto logout time different per users
Hello
we are using almost all modules in ECC. So we have 2 kinds of SAP users, the administrative ones and the operational ones.
The administrative ones is using SAP all the day by creating purchase orders, process orders or recording control results by example. When they make an activities in SAP they can completed the task without any interruption.
But we have as well operational users who are using SAP to make physical activities like to place pallet in the warehouse with WM functions and to weight a drum from the PI-sheet in PPPI.
The auto logout is after 15 minutes of inactivity and I don't find how to set it up per users. In deed, the operator in production needs time between each weighing meaning stick label, remove the previous drum, take the new one, write information on the paper batch record, ... The time between 2 actions in SAP is more than 15 minutes. So the operator is automatically logout between each weighing and it takes around 2 minutes to log again and reload the Pi-sheet. By example, to weight 46 drums the operator will lost more than 1,5 hour. It's not acceptable by the production.It increases the production time of 16%.
How can I set up a auto logout time to 15 minutes or less for the administrative users and 1 hour for the production users located in a protected area ( no access by external people) ?
thanks in advance for your answer
regards
V Noirot
PPPI team leadHi,
You can increase the logout time for the endusers. But the power users, throughout the day they will be using the system. This time increase will not affect much on the power users. If you are saving some productive hours by increasing this time out means, you can do this. But it will act similar for both the users.
regards,
V. Suresh -
Reason for message: another user connected via Sharing
For a bunch of reasons I don't want to get into yet I was wondering if someone could explain this to me:
If you have a desktop and laptop connected through your Airport (private network) and you close your laptop without logging out of the network and then log onto another (unprotected) network and then go to restart and you get the message that there is another user connected to you via Apple File Sharing could that be your own unterminated connection from your desktop? Or does it mean that someone went into your system? (and if that is the case is there a way of knowing what if anything was opened and/or uploaded?) TIAEasiest way to look back is with...
With Sharepoints...
http://www.hornware.com/sharepoints/
And...
http://www.hornware.com/afsmonitor/
IIRc, one allows you to enable the logging, then view with the other.... though it says "current" Users, I think it might inclusde history!?
But in the future I will turn the Airport off before putting the laptop to sleep for the night, if that improves the security.
Actually, the reason for disconnecting before Sleep or Moving away, is so as not to confuse the Macs as to who's on first!
During Sleep, the power to the Airport Transmitter & Receiver is cut off to save power... it deaf, dumb, and blind during Sleep. -
How do I find the users connected via afptcp
I want to find the list of users connected to an OES2 Linux server.
Originally Posted by ataubman
Start with the documentation Novell Documentation . If you have further issues, please start your own fresh thread with full problem and system details, as your problem has nothing to do with the OP's.
I've already looked at the documentation and have another thread going, I'm just looking for any info from any source. That source may be watching this thread and not the other. -
How to set IPC JCO user connect to CRM system via 'group'?
Dear expert,
When we do XCM setting for IPC JCO connect, we input the server address directly in 'ashost', such as ashost = dga107.ndpaper.com. However, for CRM server, we have two instance, 107 and 108. Does that mean JCO user will only logon instance 107? Does that mean order will only creat in 107, no order in 108? can we have do some some settings to enable a group logon for the JCO user?
i noticed for base config, there is 'group connect' in dropdown list,how can i config XCM in the group way? is there any instruction?
Thanks~
Hedy
Edited by: Ye Zhang on Nov 3, 2011 4:27 AMHi Ying
I'm pretty sure there is a way but I can't check it right now.
We have such systems where this is set the way you would like it to be, but those are connected to a CUA (central user administration) so the possibility
does exist for regular Dialog users.
Unless it is valid for all users in the systems (which is very likely) that way only admin's in the CUA have authorization to change the password and synchronize it.
Service users is indeed what you are looking and most likely the best solution.
Kind regards
Tom
Edited by: Tom on Feb 1, 2008 10:35 AM -
Customizing single user connection via Windows remote desktop
Hi,
I would like to know if its possible to configure Windows Remote Desktop in a way that if a user is already logged on to a particular computer and another user tries logging in, an error message appears on the screen saying that a user is already
logged on.
I can limit the number of connections to 1 via:
Local Group Policy Editor > Admin Templates > Remote Desktop Services > Remote Desktop Session Host > Connections
However, with this option, the error message that comes up on the screen is the following:
'This computer cant connect to the remote computer, try again or contact the network administrator'.
Is it possible to configure this in a way to let users know why they cant login so they don't think its an IT fault?
We are using Windows 7 on both the clients and the host.
Any advice would be much appreciated..
Thanks,
SeemaHi Milos,
No its not a server operating system.
The PC that we are connecting to is running Windows 7.
We are connecting to it using Windows Remote Desktop.
Thanks,
Seema
Hi Seema,
As Licensing agreement said, for Windows 7, you can only has one connection on this PC via RDP.
If another user wants to connect this PC via RDP, he will be notified you another user who has already logged in.
Kate Li
TechNet Community Support -
Does BPC requires a dialog type user because the jobs are scheduled from the BPC interface?
Hi Gurus,
I am a security person and we have a requirement from BPC functional team that they need a dialog user to schedule jobs. Below is the reply from functional team
"BPC supports only a regular user (dialog) for scheduling jobs and this user-id
requires all the data access inside BPC to run the jobs. So long as the user is
of type dialog and has all the access inside BPC, we should be fine."
My question is Why we need a dialog for something in background. BPC does have a automatically created user BPC_SERVICE which is a System user, can't we use this user instead of a dialog user ? Please advise..
Regards,
SalmanLet me put like this.. Requirement is: For Legal Consolidation run, the authorization required is all data access profiles/task profiles must be assigned to a dialog user else it is failing. Functional is stating that without this access assigned to their regular(dialog) user id the legal consolidation is failing and they also mentions that they can't use system user like BPC_SERVICE to complete this task.
My question: Is BPC is designed like this where we need to give full access to a dialog user to complete a task which runs in background ? -
Get count of users connected to my application via browser but not through console
Hello,
My requirement is to find the no. of active, connected and disconnected users and
inactive time of each user to
my application on weblogic server 5.1.0 sp-10. when i used console it gives only
count of users connected via
console. I need it without starting console. I tried
http://localhost:7001/AdminMain?refreshSecs=60 but this also works same as console.
I also tried using weblogic api in jsp like below but output is 0;
<%@ page import="weblogic.rjvm.*" %>
<%
weblogic.rjvm.RJVMManager rr = weblogic.rjvm.RJVMManager.getRJVMManager();
int Cc = rr.getConnected() ;
int Dc = rr.getDisconnected();
String Name = rr.getName();
int active = rr.getActive();
%>
<html>
<head>
</head>
<body>
Active Users =<%=active%>
<br>
Disconnected Users =<%=Dc%>
<br>
</body>
</html>
Please, reply me asap...
Thank you,
SandeepHi Sandeep,
You might try posting your request to the weblogic.developer.interest.jsp newsgroup.
HTH,
Bruce
Sandeep wrote:
Hello,
My requirement is to find the no. of active, connected and disconnected users and
inactive time of each user to
my application on weblogic server 5.1.0 sp-10. when i used console it gives only
count of users connected via
console. I need it without starting console. I tried
http://localhost:7001/AdminMain?refreshSecs=60 but this also works same as console.
I also tried using weblogic api in jsp like below but output is 0;
<%@ page import="weblogic.rjvm.*" %>
<%
weblogic.rjvm.RJVMManager rr = weblogic.rjvm.RJVMManager.getRJVMManager();
int Cc = rr.getConnected() ;
int Dc = rr.getDisconnected();
String Name = rr.getName();
int active = rr.getActive();
%>
<html>
<head>
</head>
<body>
Active Users =<%=active%>
<br>
Disconnected Users =<%=Dc%>
<br>
</body>
</html>
Please, reply me asap...
Thank you,
Sandeep -
Get count of users connected to my application via browser but not throuhg console
Hello,
My requirement is to find the no. of active, connected and disconnected users and
inactive time of each user to my application on weblogic server 5.1.0 sp-10. when
i used console it gives only count of users connected via console. I need it without
starting console. I tried
http://localhost:7001/AdminMain?refreshSecs=60 but this also works same as console.
Please, reply me asap...
Thank you,
SandeepHello again,
I also tried using weblogic api in jsp file as below but result is 0.
<%@ page import="weblogic.rjvm.*" %>
<%
weblogic.rjvm.RJVMManager rr = weblogic.rjvm.RJVMManager.getRJVMManager();
int Cc = rr.getConnected() ;
int Dc = rr.getDisconnected();
String Name = rr.getName();
int active = rr.getActive();
%>
<html>
<head>
</head>
<body>
Active Users =<%=active%>
<br>
Disconnected Users =<%=Dc%>
<br>
</body>
</html>
"Sandeep" <[email protected]> wrote:
>
Hello,
My requirement is to find the no. of active, connected and disconnected
users and
inactive time of each user to my application on weblogic server 5.1.0 sp-10.
when
i used console it gives only count of users connected via console. I need
it without
starting console. I tried
http://localhost:7001/AdminMain?refreshSecs=60 but this also works same
as console.
Please, reply me asap...
Thank you,
Sandeep -
Is it possible to trace unauthorized users? (via ip address or terminal id)
Hi friends
I was wondering if you can help me out with our Logon Securities predicament: We have set up some generic apps ids that are only known to a handful of users. Regular but unauthorized users are trying to sign-on using these generic ids by guessing the password and end up locking them when they exceed sign-on attempts. Is it possible to trace these unauthorized users? (via ip address or terminal id?) (We are on 11.5.10)
Thanks in advance
AnkurWe look at the time of the failure from the fnd_unsuccessful_logins and then correlate it with the AppsLocalLogin.jsp entries in the apache access logs. The ip address is in the access_log.
If you have a lot of logon failures combined with a lot of logons it may be tough to find the offending users but it might help you. Most of our users connect via SSO so finding our offenders are relatively easy. Very few users logon with AppsLocalLogin in our environment.
Edited by: mcharchu on Feb 5, 2009 9:24 PM
Edited by: mcharchu on Feb 5, 2009 9:25 PM -
A question about tracing users' connections
Dear all,
I would like to know, whether there is a report in SAP
providing information about users connection. What we
are looking for in terms of information is:
1) How many times each user connected to the system?
(for example how many times during each day or each week)
2) How long each session lasted?
3) What standard transactions did each user execute during
each connection?
Is there any report providing such information?
Thanks in advance,
Kind Regards,
DariyooshHi Dariyoosh,
1) How many times each user connected to the system?
SM20 (Information security audit logs ) In USER Statistics and Terminal statistics , you can get enough information .
ST03N
In ST03N (Workload distirbution monitor ) you can find ,what is the workload of individual users and which actions users performed ?
2) How long each session lasted?
In tcode - SM20,you can find detaild activites about users in Users statistics field . Secondly For transcation details ,Please select Transactions statisitcs field .It
will provide you enough information
AL08 Shows you Tcodes using by user time ,external & internalsessions .Also with tcode SM04 You can find list of users .There is USER TAB on top left hand side
You can click on that and select " Techincal Information , you will get informatoin STATE , MODES ,MEMORY COnsumption etc .
3) What standard transactions did each user execute during
each connection?
Pleae use these tcodes :SM20, SM04(users overview) , AL08
Thanks in advance,
Kind Regards,
Maybe you are looking for
-
Warning Query has exceeded 200 rows.
Hello gurus, I am currently getting a warning message when I run a page and click on a tab more than once. The page I am running is a customer html form at the site level. The name of the page is ArAcctSiteOverviewPG. There are 7 tabs on this page. W
-
Dear all, Could you please tell me how to assign a switch to BC Sets? (I knew how to create BC set and create switch, but did not know how to create switch BC set) Thanks,
-
Why I can not download audio book to my iPod after I paid for in my iPhone .
-
I recently instaled this widget called iStat pro which shows the laptop's temperature in different locations such as CPU, Battery and power supply, right now the temperature for some of these locations is 54, 57 the battery is the lowest at 35degrees
-
I just upgraded from LR3.3 to LR5 and can't print now....
I just upgraded from LR3.3 to LR5 and now when printing on my Epson 2880 the image is printing only a portion of my image - not placing it properly on the page as it appears in the print preview. I have checked with Epson and they confirm all my page