Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

How to Find log for Worng password attempt

Former Member
0 Kudos
7,095

Hi friends,

This may not be the perfect forum for posting this question but I believe this wont b against any rules.

I am suffering from User locked due to Too Many Failed Attempts.

I just want to know is there any Tcode to find such log where i can find who exactly tried to log in the system with wrong attempts?

12 REPLIES 12

Former Member
0 Kudos
2,114

Check Table USR02 Field LOCNT gives the no of incorrect login attempts

0 Kudos
2,114

Hi karan,

I've already tried USR02 but then it doesnt show from which machine the user has entered wrong password.

We could've found it from SM20 but then the AUDIT log is not activated on our Development server.

Is there any other way to find it ?

Former Member
0 Kudos
2,114

Hi Yogesh,

refer this link you will get info on userid and password details

http://help.sap.com/saphelp_nw04s/helpdata/en/ee/10df3d0eb8af5ee10000000a114084/frameset.htm

Thanks and Regards,

Syf

0 Kudos
2,114

I am sorry my friend, that link is also not useful..

Former Member
0 Kudos
2,114

Hi Yogesh,

Try running the report RSUSR200.

But lets say i put your user id and try to login and lock your user id, i don't think there is any way you can trace my user ID as i don't leave any trail in this case as i have never used my ID anywhere.

Any way we can wait for other replies

See if the report is useful to you

Regards

0 Kudos
2,114

Your suggestions are welcome..

Former Member
0 Kudos
2,114

Yogesh Karanjikar ,

check the t code - SM19-security audit : display configuration of all instance.

and click the detail display button . hope this is u r need ..

if not revert me back .

thanks

chinnaiya

0 Kudos
2,114

Hi chinnaiya,

I tried it , the security audit is not activated on my DEVELOPMENT server.

I can trace the same on my QAC and PRD server through SM20.

Former Member
0 Kudos
2,114

hi friend

go to SUIM t-code.

expand the user node

execute the with unsuccessful logons.

i hope it l solve .

regards

suren.s

0 Kudos
2,114

Hi Surender,

Thanks for your suggestion,

but SUIM doesn't give me the terminal from where the user tried to log into the system with wrong passwords...

bolanos_raul
Discoverer
0 Kudos
2,114

Hi, with the Transaction SE91 you'll find the terminal if is this what you need.

pboryczka
Newcomer
2,114

Hi,

Go to SM21, you can find there list of systems messages, you need to find US1 - message ID (User USERNAME locked due to incorrect logon). You have to get details of log, and in Session details you can find Terminal.

Regards
PB