User getting Locked after 1 day

Hi All,
I am facing an issue...a particular user in our SAP ECC 5.0 system is getting locked after every one day, I checked the configuration in SU01 but everything seems to be fine there.
Please help regarding this issue.
Thanks in Advance
Regards,
Prashant.

Dear Prashant,
Have you activated user trace.If yes then monitor that user ID.It wont be possible that only 1 particular user is getting locked (correct me if I am wrong).There can be a possibility that somebody is deliberately entering wrong password for his ID any other terminal.
If you have activated user trace then you can easily monitor that user ID and even the terminals from where his ID has been accessed.
PS: I might be wrong,so please update me with the latest.
Regards,
Ashutosh

Similar Messages

  • SAP BW User getting locked by BO RFC calls

    Hi,
    we are encountering a problem with BO RFC calls locking SAP BW users that recently changed their password in BW.
    Description of the problem in the ticket we raised at the SAP support:
    SAP BO 4.1 SP2 Patch 4, linux installation
    Backend: SAP BW 7.01 EHP8
    BICS interface with SAP authentication
    One of our users gets locked again and again in SAP BW (P19). The cause is a RFC connection that the BusinessObjects server (P59) tries to establish. The user used SAP BO last Friday for the last time and had to change his password in P19 this Tuesday. We think that there is some
    process within SAP BO still trying to connect to SAP BW from time to time, using the old password. There is no open session visible for that user in the CMC. User is even getting locked when not in the office and during night time. RFC calls are established almost regualary every hour.
    We already had this behaviour in our test-system. Restarting the BO-Server solved it. However, this is not the solution we want to use
    in the productive environment. There has to be some way to kill the process that uses the old password on the BO server without restarting
    the whole server. We do not understand why BO would still try to connect to BW with the old password - this has to be some kind of a bug.
    Meanwhile the error disappeared for the first user (some days after it started, maybe the BO process ran into a timeout). However, other users started having the same behaviour after changing their password.
    Our basis team tried to check the log files for advanced information on the conversations between BO and BW, but did not find any hints on which BO process might try to establish the connections.
    The SAP support seems to be a little helpless at the moment...
    Has anyone had similar problems?
    Regards,
    Robert

    Hi again,
    additional information: after approximately one week after the error appeared for the first time BO stops trying to establish the rfc connection for this specific user. Almost as if the "old-password-BO-process" ran into a 1 week timeout or something like that.
    The problem is really strange. The SAP support is still not able to tell us how the gather the information they require.
    Regards,
    Robert

  • User gets locked in lesser attempts than security policy setting

    Hi
    I have written my customized login code to login a user to the
    portal and I user the following code:
    IUser myUser = UMFactory.getUserFactory().getUserByLogonAlias(username, null);
    IUserAccountFactory accountFactory = UMFactory.getUserAccountFactory();
    IUserAccount account = accountFactory.getUserAccountByLogonId(myUser.getUniqueName());
    ILogonAuthentication ILA = UMFactory.getLogonAuthenticator();
    req.setAttribute(JUSER,myUser.getUniqueName());
    req.setAttribute(JPASSWORD,password);
    ILA.logon(req,res,AUTHSCHDEFAULT);     
    I notice that whenever I try to logon using my code with a
    wrong password, the user gets locked in 3 attemps even though the security policy
    (at ABAP and in Portal UME Configuration) setting for number of failed attempts is set to 5.
    (Although, please note that my code works fine logging the
    user into the portal when he enters the correct password)
    I try to check if the same thing happens with the standard logon module - com.sap.portals.runtime.logon,
    and notice that it locks correctly after 5 attempts.
    Would I have to add anything else in my code to make it work
    correctly?
    Thanks
    oj

    Hi All
    I tried to check in the CUA table the incorrect logon attempts value, and noticed that for every time I login (using my above code) with the wrong password, it increments the count by 2!! And that's the reason it gets locked out by the third time.
    What am I doing wrong?
    Thanks
    OJ

  • User gets locked by an external system but which one?

    Hi,
    In an abap system, we have changed the password of our administration user. Afterwards, this user gets locked every 5 minutes, obviously because the user and old password has been used to set up communication from another system to the abap system. An RFC connection for instance or whatever. Sure it is possible to check all the systems you can think of to see if the user has been used for such a purpose. But how can you see in the system itself where the call comes from that locks it? I have tried the gateway tracefile but without success. Any suggestions?
    Regards,
    GK

    Hello,
    I would try transaction STAD.
    There you should find entries of type RFC with your user.
    If you double-click on the line, you get the details. Click on the RFC button.
                                  as Client             as Server
    No. of targets                   0                     1
    Click on the highlighted 1 under "as server".
    You should get the needed info : the remote destination
    Target         TEST_DEV
    User ID        TESTOC
    RFC Caller     OCHRETIE
    Local  destin. bt1suk17v1_DEV_02                IP address xx.xx.xx.xx
    Remote destin. bt1suk16v1_DXI_68                IP address yy.yy.yy.yy
    Hope this helps
    Olivier

  • Impact of J2EE_ADMIN / Administrator user getting locked

    Hi,
    What is the impact of J2EE_ADMIN / Administrator user getting locked in abap / java engines?  Will it effect startup of java server processes or java applications?  What are the other implications?
    Thanks,
    Abdul

    Hi Abdul,
    if the J2EE_ADMIN or Administrator user is locked then
    1. you cannot login to Visual Admin unless you define some other user with same authorization.
    2. any Jco-RFC using this user won't work.
    3. if you don't have any other user, you will have to activate SAP* user to unlock this user.
    Thanks,
    Sandeep

  • The buttons in main the vi get locked after opening a vi reference in a subpanel and using buttons within the subpanel.

    I am trying to open a reference to a vi in the subpanel of the main vi. However after the vi opens in the subpanel and after pressing a few buttons in the subpanel the buttons in the main vi get locked, i.e. I can't even close the main vi or control anything else. Is there any way how I can avoid this happening?

    > The buttons in main the vi get locked after opening a vi reference in
    > a subpanel and using buttons within the subpanel.
    >
    > I am trying to open a reference to a vi in the subpanel of the main
    > vi. However after the vi opens in the subpanel and after pressing a
    > few buttons in the subpanel the buttons in the main vi get locked,
    > i.e. I can't even close the main vi or control anything else. Is there
    > any way how I can avoid this happening?
    This is most likely happening because in either the top or sub panel,
    there is an event structure that is queuing events, and is set to lock
    the panel until the events are handled, and because of the logic in the
    diagram, the events aren't being pulled from the queue.
    So, you have a deadlock. You are waiting
    on the panel. The panel is
    waiting on the diagram. And the diagram is waiting on something else.
    So, if there are indeed event structures involved, determine where in
    the diagram things are delaying. Also, if you do not need the panel to
    lock until the event is handled, you can change the setting in the
    events dialog on the structure. But the events will still be queued
    until the diagram starts executing.
    Greg McKaskle

  • Hi my iPhone 4 is stolen, I ve on it Igotya app. It sent me the pic and location of the *******. I don't know what to do next; a question plz does the phone get locked after 3 times of entering wrong password lock, thanks

    Hi my iPhone 4 is stolen, I ve on it Igotya app. It sent me the pic and location of the *******. I don't know what to do next; a question plz does the phone get locked after 3 times of entering wrong password lock, thanks

    What To Do If Your iDevice Is Lost Or Stolen
    If your iPhone, iPod, iPod Touch, or iPad is lost or stolen what do you do? There are things you should do in advance - before you lose it or it's stolen - and some things to do after the fact. Here are some suggestions:
    Reporting a lost or stolen Apple product
    What-To-Do-When-Iphone-Is-Stolen
    Lost or Stolen iPhone? Here’s What to do.
    6 Ways to Track and Recover Your Lost/Stolen iPhone
    It pays to be proactive by following the advice on using Find My Phone before you lose your device:
    Find My iPhone
    Setup your iDevice on MobileMe
    How To Set Up Free Find Your iPhone (Even on Unsupported Devices

  • I have removed the passcode from my ipad but still it is getting locked after sometime what can be reason for this?

    I have removed the passcode from my ipad but still it is getting locked after sometime what can be reason for this?

    Can you pls guide that when I am restoring my ipad from itunes do i need to restore as new or from backup?????
    Also is this problem  realted to using same apple id for two ipad..... Pls help and regarding ur suggesting of messing with my ipad , I will keep a check ..

  • User getting locked while sending message sync via BPM. Please help

    Hi Experts,
       I have a sync - sync scenario where I am sending data synchronously from webservice to a sync RFC FM. I am using BPM and in BPM I have three steps
    1. Receive step - Opens Sync-Async Bridge
    2. Sync Send step
    3. Send step - Closes SYnc-Async bridge.
    This BPM solution is same as that give in the blog https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1403 [original link is broken] [original link is broken] [original link is broken]
    When I test this scenario I am getting
    <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
    <SAP:Category>XIServer</SAP:Category>
    <SAP:Code area="INTERNAL">PL_TIMEOUT</SAP:Code>
    <SAP:P1 />
    <SAP:P2 />
    <SAP:P3 />
    <SAP:P4 />
    <SAP:AdditionalText />
    <SAP:ApplicationFaultMessage namespace="" />
    <SAP:Stack>Timeout condition of pipeline reached</SAP:Stack>
    <SAP:Retry>N</SAP:Retry>
    </SAP:Error>
    When I check the "Status monitor for Sync/Async communication" via SXMB_MONI, I found that my message is listed there with BPE status = "Wait".
    On double clicking my message I found that there is an error " User is locked. Please notify the person responsible".
    Why is my BPE struck in "Wait" stage and user is locked?
    What am I doing wrong? Am I missing any settings in SOAP sender communication channel?
    Please help me in resolving this problem.
    Regards
    Gopal

    Hi,
    Few months ago we had also problems with "locked user" in XI, in our case XIAPPLUSER was sometimes (b)locked.
    Perhaps note:
    721548 Changing the passwords of the XI 3.0 service users
    will help you.
    We removed and entered the service users again, with the password in CAPITALS and language blank.
    After that our problem was solved, I hope yours too.
    Regards
    Jack

  • SLD User gets locked; four unsuccessful logons every 15 minutes

    I have a landscape with a PI with the SLD on it. I defined a user with the name SLDUSER and the appropriate authorizations. The PI is a Unicode system, like all systems in the landscape.
    There were already some application servers (CRM, Banking Services, Composition Environment) connecting to this SLD and everything went fine.
    Now I added another application server, an ERP, for FI-CAx (NW 7.02). As the business partners are distributed via XI through the PI system, the ERP needs to connect to the SLD, too.
    I set it up as usual:
    - sldapicust: host, port, SLDUSER, password. (What is weird is that there is no test button as in all the other systems ... maybe that depends on the installed EhPs.)
    - This generated the destinations (type T = TCP/IP) SLD_UC and SLD_NUC automatically.
    - I created destinations SAPSLDAPI and LCRSAPRFC manually in sm59, type T = TCP/IP, set them to Unicode, entered the same (two different) Registered Server Programs that are used in these destinations on all the other servers (CRM, PI, BaS).
    - I ran rz70, entered the host and gateway, activated, executed the data collection.
    SLDCHECK runs successfully on the ERP system!
    The technical system for the BS1 showed up in the SLD as expected.
    - I configured the clients / business systems on the SLD.
    Now begins the problem. The SLDUSER is now getting locked all the time! It's definitely the ERP system causing it - when I prevent it from accessing the PI (by changing the hosts file on the operating system), the problem stops.
    I activated everything critical related to logons and RFCs in sm19 and looked at the logs in sm20. This is what it looks like:
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Password check failed for user SLDUSER in client 001
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Password check failed for user SLDUSER in client 001
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Password check failed for user SLDUSER in client 001
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Password check failed for user SLDUSER in client 001
    17.08.2011     19:40:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
    17.08.2011     19:55:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Password check failed for user SLDUSER in client 001
    17.08.2011     19:55:04     BNK_RFC     ilbnkpi1          SAPMSSY1     User SLDUSER Locked in Client 001 After Erroneous Password Checks
    17.08.2011     19:55:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 1, Type = U)
    17.08.2011     19:55:04     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 53, Type = U)
    17.08.2011     19:55:05     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 53, Type = U)
    17.08.2011     19:55:05     BNK_RFC     ilbnkpi1          SAPMSSY1     Logon Failed (Reason = 53, Type = U)
    And it goes on like this. So what happens is this: Every 15 minutes, at :10, :25, :40, :55, there are four unsuccessful logons with SLDUSER. With the fifth logon it gets locked.
    Again:
    - This stops when I make the PI inaccessible to the ERP.
    - SLDCHECK still works completely fine in ERP - until the SLDUSER is locked, of course; then it stops working in all connected systems. It does not result in unsuccessful logons on the PI.
    - When I run rz70 on the ERP and run the data collection this also reports success and does not create unsuccessful logons on the PI.
    - I have not used the SLDUSER in any other locations besides sldapicust.
    So what the hell is wrong with this system?!

    I have created a separate user SLDUSER_ER1 just for use in the sldapicust in the new ERP system that causes the problem. Still SLDUSER is getting locked (not SLDUSER_ER1)!
    I powered down this ERP system ER1, just to make absolutely sure it is causing the problem - indeed the unsuccessful logon attempts every 15 minutes stopped right away.
    As a workaround and for narrowing down the problem I have created separate users SLDUSER_CR1 etc. for each of the other systems in the landscape (CRM and so on) - indeed those do not get any unsuccessful logon attempts.
    I have deleted all four SLD-related destinations in ER1 and recreated them from scratch (SLD_NUC and SLD_UC being generated when running rz70). I also used the "delete all batch jobs" button in rz70.
    Still, SLDUSER is getting locked.
    I checked on the PI system in C:\usr\sap\PI1\DVEBMGS00\j2ee\cluster\server0\log\system\httpaccess\responses_00.0.trc and see it is indeed the IP of the ERP system that gets the error 401 exactly at the times when the unsuccessful logon attempts occur:
    [Oct 2, 2011 2:46:06 PM   ] - 10.26.83.234 : POST /sld/cimom HTTP/1.1 401 1499 [140]
    [Oct 2, 2011 2:46:06 PM   ] - 10.26.83.234 : POST /sld/cimom HTTP/1.1 401 1499 [79]
    [Oct 2, 2011 2:46:06 PM   ] - 10.26.83.234 : POST /sld/cimom HTTP/1.1 401 1499 [62]
    [Oct 2, 2011 2:46:06 PM   ] - 10.26.83.234 : POST /sld/cimom HTTP/1.1 401 1499 [47]
    As the ERP has no Java instance and the sldapicust does not contain the SLDUSER (but the new SLDUSER_ER1) it is a mystery to me what it is that is still running every 15 minutes in the ERP and tries to use SLDUSER.
    I went through the entries in SECSTORE and could not find any use of SLDUSER (only of SLDUSER_ER1, as it should be).
    Edited by: Monika Eggers on Oct 2, 2011 3:08 PM

  • J2EE_ADMIN user getting locked frequently

    Hi SAP Guru's,
    The user J2EE_ADMIN in our nw2004s system is getting locked frequently. We have changed the password of this user in ABAP via SU01 & in JAVA in the secure store via configtool. The server was re-booted after doing these changes. Still the user J2EE_ADMIN is getting locked frequently. Also in SM21, we have a log <b>"J2EE_ADMIN locked due to incorrect logon"</b> for this locking which mentions the user as SAPJSF (Communication user between ABAP & JAVA).
    Is there a possibility that SAPJSF is locking the user J2EE_ADMIN ?? how & why ??
    Any help on this will be highly appreciated.
    Thanks,
    Sanjeev.

    have you solve this issue? we have the same!
    every half hour (xx:51:00 and xx:29:00), the J2EE_ADMIN user is locked by user SAPJSF transaction KRNL from the local host (terminal).
    We have changed the pass in secure store in configtool to the pass we used in abap.
    In "Visual Administrator" "Cluster>Server>Services-->Security Provider" the user have a checked box at "No password change required"
    We searched for other places with a wrong pass (Jco Connections = no J2EE_ADMIN used, SLD = no J2EE_ADMIN used), but found nothing.
    need help pls.
    regards
    chris

  • How to make one user get locked to edit when another user is editing??

    Dear friends,
    In the webdynpro application option is given to controll the editability of the UI elements using edit button.When the same application is logged in by another user for ex: B , he should get a prompt saying user A is editing the page.
    How to implement this ??and what is the best approach for this please advice.
    Thanks in advance.

    The best way I could think of and what we implemented is:
    Creatin a DB Lock Object around data which you want to work upon.
    Requesting a lock when some one opens up a session for editing, if granted then go in edit mode else go in display\ read only mode with a message.
    Release lock after save.
    Regards
    Manas Dua

  • APPS USER GETTING LOCK

    After changing password of APPS user, while accessing application, 'APPS' user is getting lock. Checked that 'password' of 'APPS_TO_APPS' and 'EDW_APPS_TO_WH' did not changed.
    Ran Autoconfig -still account is getting lock.

    Pl see if that APPS database account has a profile set. I believe ATG RUP4 add a profile to the APPS database account and after x number of unsuccessful logins, it locks the account, making the instance unusable. See ML Note 556761.1 that describes a related issue. If a profile is indeed set for the APPS account, pl remove it.
    HTH
    Srini

  • Keyboard is getting locked after the first keypres...

    Guys, i have a serious trouble with my N900. Whenever i unlock my phone and start typing (it can be anywhere, new messages, contact selection or any typing on any websites) , after the first keypress, the keayboard is getting locked. And also i get the volume increase notification and the volumes goes up and up automatically.. After this, this process (vlume increase) happens in regular interval. And the wiered thing is whenever i make a call, the volume goes down and muted.. If it is not website or if any imnage is open, the page/image is getting zoomed to the maximum level.. 
    What could bethe problem? Any software update needed or any hardware problem..? I didnt install any applicaion recently..
    Pls help guys..
    Rob..

    Your welcome
    It that white star if it worked ;D
    Cheers mate
    "You may loose faith on us.. But never in your selves! From here, the fight will be your own.."
    _____________[Protect Transformers]_____________

  • CUA SU10 issue with users getting locked

    I did some role change using SU10 on CUA central system for 200 users. 45 of the users got locked with global admin lock in the child system for which I made the role changes.  These user locks are shown in the child system change documents log as changes by the CUA RFC user. I have this problem everytime I use su10. Why does this happen?  What can I do about it? Thanks, KT

    Hi Todd,
    propably you have some inconsistencies in your landscape....
    the cause of such 'unwanted' effects is the fact that if you change a user in your CUA central system, the whole user information is picked, then edited with you changes and afterwards distributed to all child systems.
    So what I could imagine in your example is as follows:
    User has a global lock in central system already, the particular child system did not have that information (user is still unlocked there). Several causes are possible, for instance the lock idoc did not get processed, Child system was not available/connected to CUA when the lock had been set,......).
    At the next update of that user (assign a role), the lock information from the central system is pushed to that child.
    Why?
    Because the design is to assure data consistency between central and child system. Therefore all the user information from central system is pushed to child at any user change. (that is also why you will see in SCUL 3 idocs for each user change (also user and profile idocs are pushed, even if you have changed the role assignement only).
    So what you could check is, if that users got the lock flag (128) already in the past somewhen.
    b.rgds, Bernhard

Maybe you are looking for