Un/Lock all users in a client

Un/Lock all users in a client

This tip is excerpted from Matt Wong's SAP Basis site.

Sometimes it is useful to be able to lock all the users out of a client. For instance, you would probably want to do this during a client copy operation. You can do this with tp locksys, but you have to issue that command from the OS level, and then you can only use DDIC or SAP* to log on. You can use this program to lock out all users except yourself.

This program (un)locks all the users in a client, except for the current user, and the SAP* user. You might want to add something like SELECT-OPTIONS EXEMPTUS FOR USR02-BNAME to allow a list of usernames not to be processed.

*&---------------------------------------------------------------------*
*& Report  YUSRLOCK                                                    *
*&                                                                     *
*&---------------------------------------------------------------------*
*&                                                                     *
*&                                                                     *
*&---------------------------------------------------------------------*

REPORT  YUSRLOCK           MESSAGE-ID Z1           .
TABLES: USR02.
PARAMETERS: LOCK AS CHECKBOX, LISTLOCK AS CHECKBOX.
DATA: UFLAGVAL TYPE I, LOCKSTRING(8) TYPE C.

*-------------- Authorization check -----------------------*
AUTHORITY-CHECK OBJECT 'ZPROG_RUN' ID 'PROGRAM' FIELD SY-CPROG.
IF SY-SUBRC <> 0.
  IF SY-SUBRC = 4.
    MESSAGE E000 WITH SY-CPROG. "some message about authorization check failure
  ELSE.
    MESSAGE E005 WITH SY-SUBRC. "some message about authorization check failure
  ENDIF.
ENDIF.

IF LISTLOCK = 'X'.
  WRITE:/ 'List all locked users: '.
  SELECT * FROM USR02 WHERE UFLAG = 64.
    WRITE: / USR02-BNAME.
  ENDSELECT.
  EXIT.
ENDIF.
IF LOCK = 'X'.
  UFLAGVAL = 64.                       "lock all users
  LOCKSTRING = 'locked'.
ELSE.
  UFLAGVAL = 0.                        "unlock all users
  LOCKSTRING = 'unlocked'.
ENDIF.

SELECT * FROM USR02 WHERE BNAME <> 'SAP*' AND BNAME <> SY-UNAME.
  IF USR02-UFLAG <> 0 AND USR02-UFLAG <> 64.
    WRITE: 'User', USR02-BNAME, 'untouched; please handle manually.'.
    CONTINUE.
  ENDIF.

** check that user has authority to make these changes
  AUTHORITY-CHECK OBJECT 'S_USER_GRP'
      ID 'CLASS' FIELD USR02-CLASS
      ID 'ACTVT' FIELD '05'.
  IF SY-SUBRC <> 0.
    IF SY-SUBRC = 4.
      WRITE: /'You are not authorized to lock/unlock user ',
        USR02-BNAME, USR02-CLASS.
    ELSE.
      WRITE: /'Authorization error checking user ',
             USR02-BNAME, USR02-CLASS, '(return code', SY-SUBRC, ').'.
    ENDIF.
  ELSE.                                "has authority
    UPDATE USR02 SET UFLAG = UFLAGVAL WHERE BNAME = USR02-BNAME.
    WRITE: / 'User', USR02-BNAME, LOCKSTRING, '.'.
  ENDIF.


This was first published in January 2001

Dig deeper on SAP Java and J2EE

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchManufacturingERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchFinancialApplications

Close