Unlock SAP user with old password at db level (sap* include) by update uflag

** Myself
Remember old password and unlock user (Example user DDIC client 000)
1. for MS SQL   -> SQL Analyzer
UPDATE prd.USR02 SET UFLAG =0 WHERE MANDT=000 and BNAME ='DDIC'
## prd = db name2. logon sapgui go to other client
-- al12
-- edit
-- reset buffer-->single key buffer
-- table: usr02
-- select : Invalidate
## table usr02 จะไปขอ refresh เฉพาะtable นี้เท่านั้นคับ ไม่ส่งผลต่อ perf
วิธีนี้สามารถใช้ได้กับทุก client คับ แต่ในกรณี จำ password ได้ กับการโดน lock ด้วย system,rfc,ใส่ password ผิดคับ
 
กรณีจำ password ไม่ได้ ต้องการ Reset password  “sap*” user เดิมกลับมาเป็น  “Pass” (ตัวอย่างใช้ client 000) แต่ profile ต้อง enable sapstar user ด้วย
1. Reset password sap* ถ้าใช้ MS SQL   เข้า SQL Analyzer
delete from SAPSR3.USR02 where mandt='000' and bname='SAP*';


History user of sap for client sap* ,ddic and client 066
SAP R/3 installation comes pre-configured with certain special user profiles with privileged access. These user ID’s are SAP*, DDIC and EARLYWATCH. I a discussing each of these ID’s with what can be done with it below. Here goes…
SAP* - Clients 000 and 001 include the default super user ID SAP*. The SAP* user id comes pre-installed in SAP. It is for this reason that it does not need a master record. When a SAP installation team is installing SAP, a user master record is defined for SAP*. The user password for SAP* user id is 06071992. One small detail which needs to be looked at is in case SAP* user master record is deleted, the user can use the password SAP* PASS. SAP bypasses all authorization checks when user logs on again using SAP*.
DDIC – DDIC user id is used to maintain the ABAP/4 dictionary. At the time of SAP R/3 installation DDIC is created automatically in clients 000 and 001. The password for user ID DDIC is 19920706. Since, it is a critical user id which can access R/3 during the new installation, it should be handled carefully. Password for DDIC user id should be changed immediately. However, this user id should never be deleted, since same can be used for installation and setup.
EARLYWATCH - EARLYWATCH user id comes standard with client 066 in SAP. The default password for EARLYWATCH user id is SUPPORT. With EARLYWATCH user id, one can access the data for monitoring and performance. Normally, SAP Earlywatch experts work with this user id. Password for Earlywatch should be changed, however, one should never delete the id. One SAP consultant told me that as a best practice Earlywatch user id should be used only for Earlywatch functions rather than asa generic user id.
A standard SAP system has a number of clients.
In client 000, 001 and 066 user :
SAP* has the password 06071992.
In 000 and 001 user :
DDIC has the password 19920706.
User SAPCPIC in client 000 has the password ADMIN.
User EARLYWATCH in client 066 has the password SUPPORT.
You should also take care of database users.
Oracle standard user SYSTEM has the password MANAGER,
SYS has password 'change_on_install' and SAP-created user SAPR3 has the password SAP.
In MSSQL the user 'sa' has no password.

0 comments:

Loading