DDIC and SAP* locked due to bad logins

Similar Messages

• Unable to access user DDIC and SAP*

  +Hi GURUS,+
  +I installed solutionmanager 4.0 and i loggen in the system(000) with DDIC user and check the TCODE SICK.+
  ++When i restarted the server it was not allow me to login awith user  DDIC and SAP in 000 client.++*
  +It's giving error message:+
  +Password log on nolonger possible too many times failed attempts.+
  ++Could you please help me out is there any way to set DDIC and SAP from windows level(i mean sap inst directry..usr/sap/<sid>/sys/profile)*
  Regards
  JAn

  Hi,
  Unlock it at Database level
  UPDATE usr02 SET uflag = 0 WHERE bname = "SAP*" AND mandt = <client number>
  Or
  Run the sql query at sql prompt and then login to sap with sap* and password "pass".
  SQL> delete from usr02 where mandt=<your login client> and banme='SAP*';
  Rakesh

• DDIC and SAP* changing into usertype system

  In order to secure the Standard Users DDIC and SAP* against misuse i
  planned to change them into SYSTEM accounts instead of DIALOG.
  Is there, in case of a standard SAP implementation, any indications that
  we shouldn´t do this?
  In the guidelines and forums i couldn't find any arguments against
  such a situation.
  The SAP* accounts is further secured by setting the system profile
  parameter 'logon/no_automatic_user_sapstar' to 1.
  Thanks in advance for your reactions.
  With kind regards,
  Edwin Stam

  As of release 7.00 EhP1 there is a new procedure for this.
  See --> Lock DDIC user but keep the RDD* jobs working. and the link to the help.sap.com documentation.
  The users are already blocked from authenticating via trusted RFC. Changing the user type to system will also prevent them from being used on the issuing system for SAP Logon Tickets as well as attaching a SAPGui to a logon session in the backend systems. You can also disable the password in SU01 (which will delete the password hash).
  Alcatraz for standard users...
  Cheers,
  Julius
  Edited by: Julius Bussche on Dec 16, 2009 3:28 PM

• DDIC AND SAP*

  Hi
     Kindly let me know the what is the difference between DDIC and SAP* .
  Selvan

  Hello ,
  SAP* is the only user in the SAP System that does not require a user master record, SAP* has by default the password PASS, as well as unlimited system access authorizations.
  To secure SAP* against misuse, you should at least change its password from the standard PASS. For security reasons, SAP recommends that you deactivate SAP* and define your own superuser.
  The maintenance user for the ABAP Dictionary and software logistics, user DDIC.
  The user master record for user DDIC is automatically created in clients 000 and 001 when you install your SAP System. User DDIC special privileges for certain operations. For example, DDIC is the only user that is allowed to log on to the SAP System during an upgrade.
  "But, in which * Parameter Name* i have to activate"
  login no_automatic_user_sapstar  1

• Different between database lock and sap lock

  Hi All,
  What is different between database lock and sap lock why sap introduced locking mechanism.
  Thanks
  Santosh

  From a database perspective, every dialog step forms a physical and logical unit:
  the database transaction.. The database lock administration can only coordinate
  this type of database transaction. From an SAP point of view, however, this is
  not sufficient, because SAP transactions, which are formed from a sequence of
  logically related work steps that are consistent in business terms, are generally
  made up of several dialog steps. SAP systems need to have their own lock
  management. This is implemented using the enqueue work process. This also
  ensures that the platform-independence of the lock management is maintained.

• When are DDIC and SAP* used in Client 066 and 001

  Hi everyone,
  Can someone please shed some light on when DDIC and SAP* users are supposed to be used in logging into client 066 and 001?
  Your inputs will be greatly appreciated.
  Thanks!
  Divine Grace Banzon

  User DDIC is a user with special privileges in installation, software logistics, and the ABAP Dictionary. The user master record is created in clients 000 and 001 when you install your R/3 System.
  User SAP* is default superuser in SAP System, in the clients 000 and 001. A user master record is defined for SAP* when the system is installed. However, SAP* is programmed in the system and does not require a user master record.
  Hope this will help.
  -Pinkle

• WAS Portal User locked - Due to bad logon

  Hi,
  Is it possible to adjust user's bad logon attemp in WAS portal 6.4?
  If a user enter wrong password more than three time, the system locked that user. It happened three times to admin user. We activated SAP* and unlocked the user.
  If any one knows like how to increase the number of wrong password attempt...it would be great. 
  Thanks,

  Hi,
  For increasing the logon attempts, you have to follow below steps:
  Step 1: Go to <Driver>:\usr\sap\<System ID>\JCxx\j2ee\configtool --> Configtool.bat
  ex: <b>C:\usr\sap\Y76\JC03\j2ee\configtool --> Configtool.bat</b>
  Step 2: <b>cluster-data --> Global server configuration --> services --> com.sap.security.core.ume.service</b>
  select property : "<b>ume.logon.security_policy.lock_after_invalid_attempts</b> = < <b>Enter Number</b>>"
  ex: ume.logon.security_policy.lock_after_invalid_attempts = 6
  Step 3: save
  Step 4: Restart the Engine.

• User locking due to failed login attempts.

  Hi,
  Is there any way to find out the terminal name from which failed attempts made causing locking of user name?
  With Best Regards,
  Rajkumar

  Hi Rajkumar
  I tries if the statistics of transaction STAD show the terminal id, too. However, when experimenting with this it seems to be the case that the terminal ID is only available if you are already authenticated at the system. Therefore, only the Security Audit Log with transaction SM19 and SM20 would log the required information.
  Kind regards
  Frank

• Re: what is difference between sap locking and database locking

  hi,
      what is difference between sap locking and database locking. Iam locked the table mara by using lock objects.
  But iam unable to unlock the mara table. I give u the coding. Please check it.
  REPORT zlock .
  CALL FUNCTION 'ENQUEUE_EZTEST3'
  EXPORTING
     MODE_MARA            = 'S'
     MANDT                = SY-MANDT
     MATNR                = 'SOU-1'.
  call transaction 'MM02'.
  CALL FUNCTION 'DEQUEUE_EZTEST3'
       EXPORTING
            mode_mara = 'E'
            mandt     = sy-mandt
            matnr     = 'SOU-1'.
  IF sy-subrc = 0.
    WRITE: 'IT IS unlocked'.
  ENDIF.

  Hi Paluri
  Here is the difference between SAP locks and Database locks, i will try to find the solution to your code.
  Regards
  Ashish
  Database Locks: The database system automatically sets database locks when it receives change statements (INSERT, UPDATE, MODIFY, DELETE) from a program. Database locks are physical locks on the database entries affected by these statements. You can only set a lock for an existing database entry, since the lock mechanism uses a lock flag in the entry. These flags are automatically deleted in each database commit. This means that database locks can never be set for longer than a single database LUW; in other words, a single dialog step in an R/3 application program.
  Physical locks in the database system are therefore insufficient for the requirements of an R/3 transaction. Locks in the R/3 System must remain set for the duration of a whole SAP LUW, that is, over several dialog steps. They must also be capable of being handled by different work processes and even different application servers. Consequently, each lock must apply on all servers in that R/3 System.
  SAP Locks:
  To complement the SAP LUW concept, in which bundled database changes are made in a single database LUW, the R/3 System also contains a lock mechanism, fully independent of database locks, that allows you to set a lock that spans several dialog steps. These locks are known as SAP locks.
  The SAP lock concept is based on lock objects. Lock objects allow you to set an SAP lock for an entire application object. An application object consists of one or more entries in a database table, or entries from more than one database table that are linked using foreign key relationships.
  Before you can set an SAP lock in an ABAP program, you must first create a lock object in the ABAP Dictionary.

• My firefox locks up routinely on Gmail and Yahoo mail sites. It opens normally, and when I go to the login page, it locks ... in both instances.

  My software locks up while I have Firefox open and am seeking to login to either gmail or yahoo mail.
  It works well until I get to the login screen ... and then locks and will not allow any keyboard or mouse work ... except that I can get to my taskmaster and close Firefox and then everything works.
  Today, for the first time, it did it on another site.
  Is there a 64bit iteration?
  I am using the 32 bit Firefox ... the latest version (This all began with this upgrade) on a 64 bit/Windows 7.
  Thanks. rg

  Hi,
  Please check if this happens in [https://support.mozilla.com/en-US/kb/Safe%20Mode Safe Mode]. Safe mode disables the installed '''Extensions''', and themes ('''Appearance''') in '''Tools''' ('''Alt''' + '''T''') > '''Add-ons'''. Hardware acceleration is also temporarily disabled - the manual setting is '''Tools''' > '''Options''' > '''Advanced''' > '''General''' > [https://support.mozilla.org/en-US/kb/Options%20window%20-%20Advanced%20panel?as=u '''Use hardware acceleration when available''']. All these settings/options/add-ons can also be individually or collectively disabled/enabled/changed in Firefox normal mode to check if an extension, theme, option or hardware acceleration is causing issues. Disabling/enabling hardware acceleration, and some types of add-ons in normal mode may require a Firefox restart.
  [http://support.mozilla.com/en-US/kb/Uninstalling+add-ons Uninstalling Add-ons]
  [http://kb.mozillazine.org/Uninstalling_toolbars Uninstalling Toolbars]
  [https://support.mozilla.com/en-US/kb/Troubleshooting%20extensions%20and%20themes Troubleshooting Extensions and Themes]
  [http://kb.mozillazine.org/Problematic_extensions Problematic Extensions]
  [https://support.mozilla.org/en-US/kb/Options%20window Options]
  You can check the Firefox version via '''Help''' ('''Alt''' + '''H''') > '''About Firefox'''. As of now officially only 64-bit Linux builds exist. There could be unofficial 64-bit Firefox for Windows.

• Document in Easy DMS and SAP DMS is lock cannot be accessed

  Hello Guru,
  Document in Easy DMS and SAP DMS is lock cannot be accessed. when check in Easy DMS the document 123 excel file is not accessible cannot be open, it has an icon on pencil with red circle sign.
  when check in SAP GUi, the padlock is unlock, file cannot be open as well with error (File C:\EasyDMS\SAP_400\PRE1234567890 could not be accessed.
  how can we fixed this and unlock the document excel so that we can open it. Please advise. Thanks

  Hi,
  based on your description it seems to me that this original file is currently checked out for editing. So maybe another user is
  editing this file and so you cannot access it.
  If no other user edits the file you can try to use the function 'Exit Edit mode' in the context menu of EasyDMS. This will checkin the file again and restore the last checked in version.
  Best regards,
  Christoph

• HT201441 I bought an iphone 4*at*t from a craigslist ad. The seller did not restore the phone and when I tried to do it manually it locked the phone and is now asking for the login info. I contacted the seller and he is not responding. What do i do?

  The seller did not restore the phone and when I tried to do it manually it locked the phone and is now asking for the login info in order to do anything with the phone. I contacted the seller and he is not responding. What do i do?

  he knows his ID , if he did all whats in the link he can get his password back ?
  how can i make him call applecare ? is there a way to speak to them from jordan ??
  i have been trying to reach any1 in apple so they can communicate and help my friend (us) to make him remember it .
  am not asking for the password or trying to get into the phone without using it , and i can take my money back though i need to help my friend as well since now he cant use it as well.
  thanks kil

• I got a Iphone 4 from UK and got unlocked in india, can i take the software updates? will my phone get locked due to this?

  I got a Iphone 4 from UK and got unlocked in india, can i take the software updates? will my phone get locked due to this?

  Your phone was "hacked" to unlock it. So, if you update software or restore your phone, it will be re-locked to the carrier it was originally locked to in the UK.

• I have a ipad which has been locked due to the owner claiming it was lost.  I have had the serial no. checked and it is not stolen but I can't use it.

  i have a ipad which has been locked due to the owner claiming it was lost.  I have had the serial no. checked and it is not stolen but I can't use it.  I have talked to the owner many times who refuses to give me the password or has no idea what password was used.

  Unfortuinately there is nothing that can be done.
  If its locked its locked.  This is a theft deterrant mechanism.
  If you could unlock "stolen" ipads then there would be no purpose for the feature.
  You will have to convince the owner you bought it correctly, or accept its no lonnger usable by you until the original owner removes the lock.

• I updated an iPod touch, an iPad 2, and an iPhone 4 to iOS 6, and all of them now will not connect to WiFi. They all give this wierd 404 error page from Apple and insist that I need to login to the network. Bad job testing the software Apple.

  I updated an iPod touch, an iPad 2, and an iPhone 4 to iOS 6, and all of them now will not connect to WiFi. They all give this wierd 404 error page from Apple and insist that I need to login to the network. What's the fix? None of the recommended fixes work in any of these devices. Reset device, reset network, renew lease, etc. None of them work.

  Does the iPod work OK?
  Does it charge when connect to the computer?
  Does it appear in My Computer?
  Look at the dock connector on the iPod. Compare with the iPod that does work/connect.
  I suspect you have a 2G iPod. Those can only go to iOS 4.2.1
  http://support.apple.com/kb/HT1353#iPod_touch_late2009
  iPod touch (3rd generation)
  iPod touch (3rd generation) features a 3.5-inch (diagonal) widescreen multi-touch display and 32 GB or 64 GB flash drive. You can browse the web with Safari and watch YouTube videos with Wi-Fi. You can also search, preview, and buy songs from the iTunes Wi-Fi Music Store on iPod touch.
  The iPod touch (3rd generation) can be distinguished from iPod touch (2nd generation) by looking at the back of the device. In the text below the engraving, look for the model number. iPod touch (2nd generation) is model A1288, and iPod touch (3rd generation) is model A1318.