Problem solve Get help with specific problems with your technologies, process and projects.

Take your user accounts up-to-date

This program will help you to block accounts which have not been used for a while.

This program will help you to block accounts which have not been used for a while (ex : create a monthly job which...

blocks all accounts not used for 3 months). Or you can also block accounts created few weeks ago and never been used since (initial password is still Ok, which is a very dangerous "open door" in your system).

REPORT Z_ADM_BLOQUE_USER        MESSAGE-ID 00
                                NO STANDARD PAGE HEADING
                                LINE-COUNT 58
                                LINE-SIZE 170.

************************************************************************
* Ce programme permet de bloquer ou faire la liste des utilisateurs
* non logues depuis x jours et/ou crees depuis y jours
************************************************************************
* Benoit DELPORTE (Integris)
* le 03/09/2001
* 4.0B
************************************************************************
*                            MODIFICATIONS
*
************************************************************************

TABLES : USR02,                        "Donnees Logon
         USR21, ADRP, ADCP.            "Donnees utilisateurs

************************************************************************

INCLUDE <ICON>.                        " pour liste des icones

DATA : BEGIN OF T_USER OCCURS 0,
  BOX,
  CLASS LIKE USR02-CLASS,
  BNAME LIKE USR02-BNAME,
  UFLAG LIKE USR02-UFLAG,
  ERDAT LIKE USR02-ERDAT,
  TRDAT LIKE USR02-TRDAT,
END OF T_USER.

DATA : W_NB_USER TYPE I,
 W_COLOR,                              "top couleur
 W_SEL_COUNT LIKE SY-TABIX,            "total users select=E9s
 W_INIT_COUNT LIKE SY-TABIX,           "total users =E0 initial
 W_BLOQ_COUNT LIKE SY-TABIX,           "total users bloqu=E9s
 W_IND LIKE SY-TABIX,                  "index ligne ecran
 W_CODE LIKE SY-DYNNR.                 "LOCK ou ULCK

************************************************************************

SELECT-OPTIONS : S_BNAME FOR USR02-BNAME.
PARAMETERS : P_ERDAT LIKE USR02-ERDAT OBLIGATORY,   "date creation
             P_TRDAT LIKE USR02-TRDAT. "date dernier login

SELECTION-SCREEN SKIP.                 "Bloc 1 (userid,date...)
SELECTION-SCREEN BEGIN OF BLOCK CHOIXTRT
                 WITH FRAME TITLE TEXT-101.
PARAMETERS : P_LIST RADIOBUTTON GROUP G1,
             P_BLOC RADIOBUTTON GROUP G1,
             P_DEBL RADIOBUTTON GROUP G1.
SELECTION-SCREEN END   OF BLOCK CHOIXTRT.

SELECTION-SCREEN SKIP.                 "Bloc 3 Edt bloquee ou non
SELECTION-SCREEN BEGIN OF BLOCK FILTREBLOC
                 WITH FRAME TITLE TEXT-102.
PARAMETERS : P_SEL AS CHECKBOX.
SELECTION-SCREEN END   OF BLOCK FILTREBLOC.

************************************************************************
INITIALIZATION.
  P_ERDAT = SY-DATUM - 30.
  P_TRDAT = SY-DATUM - 30.

************************************************************************
TOP-OF-PAGE.

* Affichage de l'entete
  IF P_BLOC = 'X'.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: BLOCAGE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ELSEIF P_DEBL = 'X'.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: DEBLOCAGE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ELSE.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: LISTE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ENDIF.

  SKIP 1.
  FORMAT COLOR COL_HEADING.
  WRITE : /4  TEXT-001,                "userid
           19 TEXT-002,                                     "nom
           50 TEXT-003,                "prenom
           80 TEXT-004,                "domaine
           95 TEXT-005,                "bloque
          115 TEXT-006,                "date creation
          130 TEXT-007.                "dernier login
  FORMAT COLOR COL_HEADING OFF.
  SKIP 1.

************************************************************************

START-OF-SELECTION.

* Controle du droit d'acces : seulement pour administrateur habilitation
  SET PF-STATUS 'LIST'.

* Recherche des utilisateurs a lister
  SELECT BNAME CLASS UFLAG ERDAT TRDAT
         INTO CORRESPONDING FIELDS OF TABLE T_USER
         FROM USR02
         WHERE BNAME IN S_BNAME
           AND BNAME NOT LIKE 'SAP%'   "Elimination SAP*
           AND BNAME NOT LIKE '%ADM'   "Elimination Administrateur
           AND BNAME <> 'EARLYWATCH'
           AND BNAME  <> 'DDIC'        "Elimination DDIC
           AND ERDAT <= P_ERDAT
           AND TRDAT <= P_TRDAT
           AND USTYP = 'A'.            "Type A seulement (dialogue)

** Affichage de la liste
  LOOP AT T_USER.

* Remote security :  check remote user authorisation
    AUTHORITY-CHECK OBJECT 'S_USER_GRP'
            ID 'CLASS' FIELD T_USER-CLASS
            ID 'ACTVT' FIELD '05'.

* Edition ou non des users bloques
    IF P_SEL = 'X' AND NOT T_USER-UFLAG IS INITIAL.
      ADD 1 TO W_BLOQ_COUNT.           "compteur bloques
      CONTINUE.
    ENDIF.

    ADD 1 TO W_SEL_COUNT.

** Recherche des autres donnees utilisateurs
** Acces table USR21
    CLEAR USR21.
    SELECT SINGLE * FROM USR21
                  WHERE BNAME = T_USER-BNAME.

** Acces table ADRP
    CLEAR ADRP.
    SELECT SINGLE NAME_FIRST NAME_LAST
           INTO CORRESPONDING FIELDS OF ADRP
           FROM ADRP
           WHERE PERSNUMBER = USR21-PERSNUMBER
             AND DATE_FROM <= SY-DATUM.

** Affichage d'une ligne

    WRITE : / T_USER-BOX AS CHECKBOX.
    FORMAT COLOR = 4.
    WRITE :        T_USER-BNAME UNDER TEXT-001. "Display Userid
    FORMAT COLOR = 2.
    WRITE : ADRP-NAME_LAST(20) UNDER TEXT-002,       "Display Nom
            ADRP-NAME_FIRST(20) UNDER TEXT-003,      "Display Prenom
            T_USER-CLASS UNDER TEXT-004.   "Display Domaine

    IF NOT T_USER-UFLAG IS INITIAL.    "test si bloque (diff de 0)
      ADD 1 TO W_BLOQ_COUNT.           "compteur bloque
      FORMAT COLOR = 6.                "icon_locked in red
      WRITE : ICON_LOCKED AS ICON UNDER TEXT-005.
      WRITE : '** Bloque **   '.
    ENDIF.

    FORMAT COLOR = 2.                  "Next text will be in white.

    WRITE :   T_USER-ERDAT UNDER TEXT-006,
               '          '.
    IF T_USER-TRDAT IS INITIAL.        "When no logon date is 'initial'
      IF W_COLOR IS INITIAL.           "...and
        FORMAT COLOR = 7.              "...'initial' is in purple
        W_COLOR = 'X'.                 "top inversion couleur
      ELSE.                            "...else
        FORMAT COLOR = 3.              "...'initial' is yellow
        W_COLOR = ' '.                 "top inversion couleur
      ENDIF.
      WRITE 'Initial   ' UNDER TEXT-007. "write 'initial' on
      ADD 1 TO W_INIT_COUNT.           "compteur Initial
    ELSE.
      WRITE: T_USER-TRDAT UNDER TEXT-007. "Display the last logon date
    ENDIF.
  ENDLOOP.

** Affichage fin de liste
  FORMAT COLOR COL_TOTAL.
  ULINE.
  SKIP 2.
  WRITE: / W_SEL_COUNT, 'Utilisateur(s) selectionne(s)'.
  WRITE: / W_INIT_COUNT, 'Utilisateur(s) a INITIAL'.
  WRITE: / W_BLOQ_COUNT, 'Utilisateur(s) BLOQUE(S)'.

************************************************************************

* Fonctionnement en Arriere Plan :
*    table interne t_user :  mise a 'X' de tous les box a ' '
*    puis mise a jour dans base SAP (gere-compte)

  IF SY-BATCH = 'X'.
    CHECK P_LIST <> 'X'.
    T_USER-BOX  = 'X'.
    IF P_SEL = 'X'.
      MODIFY T_USER TRANSPORTING BOX
             WHERE BOX = ' '
               AND UFLAG = 0.
    ELSE.
      MODIFY T_USER TRANSPORTING BOX
             WHERE BOX = ' '.
    ENDIF.
    PERFORM GERE_COMPTE.
  ENDIF.

************************************************************************

* Fonctionnement sur commande utilisateur
AT USER-COMMAND.
  CASE SY-UCOMM.
    WHEN 'OK'.                         "blocage ou deblocage
      CHECK P_LIST <> 'X'.
      PERFORM GET_LIGNE_COCHEE.
      PERFORM GERE_COMPTE.

    WHEN 'SEL'.
      PERFORM T_DEST-FLAG_UPDATE USING 'X'.
    WHEN 'USEL'.
      PERFORM T_DEST-FLAG_UPDATE USING ' '.
    WHEN 'EXIT'.
      LEAVE SCREEN.
    WHEN 'OTHERS'.
      MESSAGE E435 WITH SY-REPID  SY-UCOMM.
  ENDCASE.                             "End sy-ucomm case.

************************************************************************

*----------------------------------------------------------------------*
*       FORM T_DEST-FLAG_UPDATE
*----------------------------------------------------------------------*
*       Selectionne ou deselectionne les Flags
*----------------------------------------------------------------------*

FORM T_DEST-FLAG_UPDATE USING ZFLAG.

  CLEAR W_IND.
  DO.
    CLEAR T_USER.
    ADD 1 TO W_IND.
    READ LINE W_IND FIELD VALUE T_USER-BOX.    "Read sy-lisel
    IF SY-SUBRC <> 0.
      EXIT.
    ENDIF.
    CHECK T_USER-BOX <> '?'.
    MODIFY CURRENT LINE                "Lock the checkbox
       FIELD VALUE  T_USER-BOX FROM ZFLAG.
  ENDDO.
ENDFORM.

*&---------------------------------------------------------------------*
*&      Form  GERE_COMPTE
*&---------------------------------------------------------------------*
*       Bloque ou debloque la liste de compte
*----------------------------------------------------------------------*

FORM GERE_COMPTE.

** Renseigner liste des utilisateurs a bloquer/debloquer
  LOOP AT T_USER WHERE BOX = 'X'.
    IF P_BLOC = 'X'.
      CALL FUNCTION 'SUSR_USER_LOCK'
           EXPORTING
                USER_NAME           = T_USER-BNAME
           EXCEPTIONS
                USER_NAME_NOT_EXIST = 1
                OTHERS              = 2.
      IF SY-SUBRC <> 0.
        WRITE : / T_USER-BNAME, 'n''a pas pu etre bloque'.
      ENDIF.

    ELSE.                              "debloque
      CALL FUNCTION 'SUSR_USER_UNLOCK'
           EXPORTING
                USER_NAME           = T_USER-BNAME
           EXCEPTIONS
                USER_NAME_NOT_EXIST = 1
                OTHERS              = 2.
      IF SY-SUBRC <> 0.
        WRITE : / T_USER-BNAME, 'n''a pas pu etre debloque'.
      ENDIF.
    ENDIF.

    IF SY-SUBRC = 0.
      CALL FUNCTION 'SUSR_USER_BUFFERS_TO_DB'
           EXPORTING
                MESSAGE_OUT               = 'X'
           EXCEPTIONS
                NO_LOGONDATA_FOR_NEW_USER = 1
                NO_INIT_PASSWORD          = 2
                DB_INSERT_USR02_FAILED    = 3
                DB_UPDATE_USR02_FAILED    = 4
                DB_INSERT_USR01_FAILED    = 5
                DB_UPDATE_USR01_FAILED    = 6
                DB_INSERT_USR05_FAILED    = 7
                DB_UPDATE_USR05_FAILED    = 8
                DB_INSERT_USR21_FAILED    = 9
                DB_UPDATE_USR21_FAILED    = 10
                INTERNAL_ERROR            = 11
                OTHERS                    = 12.
    ENDIF.
  ENDLOOP.

ENDFORM.                               " GERE_COMPTE

*&---------------------------------------------------------------------*
*&      Form  GET_LIGNE_COCHEE
*&---------------------------------------------------------------------*
*       Recupere toutes les lignes cochees a l'ecran
*----------------------------------------------------------------------*

FORM GET_LIGNE_COCHEE.

  CLEAR W_IND.
  DO.
    CLEAR: T_USER.
    ADD 1 TO W_IND.
    READ LINE W_IND FIELD VALUE T_USER-BOX
                                T_USER-BNAME.
    IF SY-SUBRC <> 0.
      EXIT.
    ENDIF.
    CHECK T_USER-BOX EQ 'X'.           "Selected line ?

* si cochee, modifier la ligne dans la table interne
    MODIFY T_USER TRANSPORTING BOX
                  WHERE BNAME = T_USER-BNAME.

* Modification de l'ecran : bloque les box
    MODIFY CURRENT LINE
       FIELD FORMAT T_USER-BOX INPUT OFF.
  ENDDO.
ENDFORM.                               " GET_LIGNE_COCHEE
This was last published in March 2002

Dig Deeper on SAP Basis administration and NetWeaver administration

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close