Problem solve Get help with specific problems with your technologies, process and projects.

Take your user accounts up-to-date

This program will help you to block accounts which have not been used for a while.

This program will help you to block accounts which have not been used for a while (ex : create a monthly job which...

blocks all accounts not used for 3 months). Or you can also block accounts created few weeks ago and never been used since (initial password is still Ok, which is a very dangerous "open door" in your system).

REPORT Z_ADM_BLOQUE_USER        MESSAGE-ID 00
                                NO STANDARD PAGE HEADING
                                LINE-COUNT 58
                                LINE-SIZE 170.

************************************************************************
* Ce programme permet de bloquer ou faire la liste des utilisateurs
* non logues depuis x jours et/ou crees depuis y jours
************************************************************************
* Benoit DELPORTE (Integris)
* le 03/09/2001
* 4.0B
************************************************************************
*                            MODIFICATIONS
*
************************************************************************

TABLES : USR02,                        "Donnees Logon
         USR21, ADRP, ADCP.            "Donnees utilisateurs

************************************************************************

INCLUDE <ICON>.                        " pour liste des icones

DATA : BEGIN OF T_USER OCCURS 0,
  BOX,
  CLASS LIKE USR02-CLASS,
  BNAME LIKE USR02-BNAME,
  UFLAG LIKE USR02-UFLAG,
  ERDAT LIKE USR02-ERDAT,
  TRDAT LIKE USR02-TRDAT,
END OF T_USER.

DATA : W_NB_USER TYPE I,
 W_COLOR,                              "top couleur
 W_SEL_COUNT LIKE SY-TABIX,            "total users select=E9s
 W_INIT_COUNT LIKE SY-TABIX,           "total users =E0 initial
 W_BLOQ_COUNT LIKE SY-TABIX,           "total users bloqu=E9s
 W_IND LIKE SY-TABIX,                  "index ligne ecran
 W_CODE LIKE SY-DYNNR.                 "LOCK ou ULCK

************************************************************************

SELECT-OPTIONS : S_BNAME FOR USR02-BNAME.
PARAMETERS : P_ERDAT LIKE USR02-ERDAT OBLIGATORY,   "date creation
             P_TRDAT LIKE USR02-TRDAT. "date dernier login

SELECTION-SCREEN SKIP.                 "Bloc 1 (userid,date...)
SELECTION-SCREEN BEGIN OF BLOCK CHOIXTRT
                 WITH FRAME TITLE TEXT-101.
PARAMETERS : P_LIST RADIOBUTTON GROUP G1,
             P_BLOC RADIOBUTTON GROUP G1,
             P_DEBL RADIOBUTTON GROUP G1.
SELECTION-SCREEN END   OF BLOCK CHOIXTRT.

SELECTION-SCREEN SKIP.                 "Bloc 3 Edt bloquee ou non
SELECTION-SCREEN BEGIN OF BLOCK FILTREBLOC
                 WITH FRAME TITLE TEXT-102.
PARAMETERS : P_SEL AS CHECKBOX.
SELECTION-SCREEN END   OF BLOCK FILTREBLOC.

************************************************************************
INITIALIZATION.
  P_ERDAT = SY-DATUM - 30.
  P_TRDAT = SY-DATUM - 30.

************************************************************************
TOP-OF-PAGE.

* Affichage de l'entete
  IF P_BLOC = 'X'.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: BLOCAGE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ELSEIF P_DEBL = 'X'.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: DEBLOCAGE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ELSE.
    WRITE : / 'Le ', SY-DATUM,         "date traitement
            40 'Controle Acces SAP: LISTE des Utilisateurs',
           130 'Page n=', SY-PAGNO.
  ENDIF.

  SKIP 1.
  FORMAT COLOR COL_HEADING.
  WRITE : /4  TEXT-001,                "userid
           19 TEXT-002,                                     "nom
           50 TEXT-003,                "prenom
           80 TEXT-004,                "domaine
           95 TEXT-005,                "bloque
          115 TEXT-006,                "date creation
          130 TEXT-007.                "dernier login
  FORMAT COLOR COL_HEADING OFF.
  SKIP 1.

************************************************************************

START-OF-SELECTION.

* Controle du droit d'acces : seulement pour administrateur habilitation
  SET PF-STATUS 'LIST'.

* Recherche des utilisateurs a lister
  SELECT BNAME CLASS UFLAG ERDAT TRDAT
         INTO CORRESPONDING FIELDS OF TABLE T_USER
         FROM USR02
         WHERE BNAME IN S_BNAME
           AND BNAME NOT LIKE 'SAP%'   "Elimination SAP*
           AND BNAME NOT LIKE '%ADM'   "Elimination Administrateur
           AND BNAME <> 'EARLYWATCH'
           AND BNAME  <> 'DDIC'        "Elimination DDIC
           AND ERDAT <= P_ERDAT
           AND TRDAT <= P_TRDAT
           AND USTYP = 'A'.            "Type A seulement (dialogue)

** Affichage de la liste
  LOOP AT T_USER.

* Remote security :  check remote user authorisation
    AUTHORITY-CHECK OBJECT 'S_USER_GRP'
            ID 'CLASS' FIELD T_USER-CLASS
            ID 'ACTVT' FIELD '05'.

* Edition ou non des users bloques
    IF P_SEL = 'X' AND NOT T_USER-UFLAG IS INITIAL.
      ADD 1 TO W_BLOQ_COUNT.           "compteur bloques
      CONTINUE.
    ENDIF.

    ADD 1 TO W_SEL_COUNT.

** Recherche des autres donnees utilisateurs
** Acces table USR21
    CLEAR USR21.
    SELECT SINGLE * FROM USR21
                  WHERE BNAME = T_USER-BNAME.

** Acces table ADRP
    CLEAR ADRP.
    SELECT SINGLE NAME_FIRST NAME_LAST
           INTO CORRESPONDING FIELDS OF ADRP
           FROM ADRP
           WHERE PERSNUMBER = USR21-PERSNUMBER
             AND DATE_FROM <= SY-DATUM.

** Affichage d'une ligne

    WRITE : / T_USER-BOX AS CHECKBOX.
    FORMAT COLOR = 4.
    WRITE :        T_USER-BNAME UNDER TEXT-001. "Display Userid
    FORMAT COLOR = 2.
    WRITE : ADRP-NAME_LAST(20) UNDER TEXT-002,       "Display Nom
            ADRP-NAME_FIRST(20) UNDER TEXT-003,      "Display Prenom
            T_USER-CLASS UNDER TEXT-004.   "Display Domaine

    IF NOT T_USER-UFLAG IS INITIAL.    "test si bloque (diff de 0)
      ADD 1 TO W_BLOQ_COUNT.           "compteur bloque
      FORMAT COLOR = 6.                "icon_locked in red
      WRITE : ICON_LOCKED AS ICON UNDER TEXT-005.
      WRITE : '** Bloque **   '.
    ENDIF.

    FORMAT COLOR = 2.                  "Next text will be in white.

    WRITE :   T_USER-ERDAT UNDER TEXT-006,
               '          '.
    IF T_USER-TRDAT IS INITIAL.        "When no logon date is 'initial'
      IF W_COLOR IS INITIAL.           "...and
        FORMAT COLOR = 7.              "...'initial' is in purple
        W_COLOR = 'X'.                 "top inversion couleur
      ELSE.                            "...else
        FORMAT COLOR = 3.              "...'initial' is yellow
        W_COLOR = ' '.                 "top inversion couleur
      ENDIF.
      WRITE 'Initial   ' UNDER TEXT-007. "write 'initial' on
      ADD 1 TO W_INIT_COUNT.           "compteur Initial
    ELSE.
      WRITE: T_USER-TRDAT UNDER TEXT-007. "Display the last logon date
    ENDIF.
  ENDLOOP.

** Affichage fin de liste
  FORMAT COLOR COL_TOTAL.
  ULINE.
  SKIP 2.
  WRITE: / W_SEL_COUNT, 'Utilisateur(s) selectionne(s)'.
  WRITE: / W_INIT_COUNT, 'Utilisateur(s) a INITIAL'.
  WRITE: / W_BLOQ_COUNT, 'Utilisateur(s) BLOQUE(S)'.

************************************************************************

* Fonctionnement en Arriere Plan :
*    table interne t_user :  mise a 'X' de tous les box a ' '
*    puis mise a jour dans base SAP (gere-compte)

  IF SY-BATCH = 'X'.
    CHECK P_LIST <> 'X'.
    T_USER-BOX  = 'X'.
    IF P_SEL = 'X'.
      MODIFY T_USER TRANSPORTING BOX
             WHERE BOX = ' '
               AND UFLAG = 0.
    ELSE.
      MODIFY T_USER TRANSPORTING BOX
             WHERE BOX = ' '.
    ENDIF.
    PERFORM GERE_COMPTE.
  ENDIF.

************************************************************************

* Fonctionnement sur commande utilisateur
AT USER-COMMAND.
  CASE SY-UCOMM.
    WHEN 'OK'.                         "blocage ou deblocage
      CHECK P_LIST <> 'X'.
      PERFORM GET_LIGNE_COCHEE.
      PERFORM GERE_COMPTE.

    WHEN 'SEL'.
      PERFORM T_DEST-FLAG_UPDATE USING 'X'.
    WHEN 'USEL'.
      PERFORM T_DEST-FLAG_UPDATE USING ' '.
    WHEN 'EXIT'.
      LEAVE SCREEN.
    WHEN 'OTHERS'.
      MESSAGE E435 WITH SY-REPID  SY-UCOMM.
  ENDCASE.                             "End sy-ucomm case.

************************************************************************

*----------------------------------------------------------------------*
*       FORM T_DEST-FLAG_UPDATE
*----------------------------------------------------------------------*
*       Selectionne ou deselectionne les Flags
*----------------------------------------------------------------------*

FORM T_DEST-FLAG_UPDATE USING ZFLAG.

  CLEAR W_IND.
  DO.
    CLEAR T_USER.
    ADD 1 TO W_IND.
    READ LINE W_IND FIELD VALUE T_USER-BOX.    "Read sy-lisel
    IF SY-SUBRC <> 0.
      EXIT.
    ENDIF.
    CHECK T_USER-BOX <> '?'.
    MODIFY CURRENT LINE                "Lock the checkbox
       FIELD VALUE  T_USER-BOX FROM ZFLAG.
  ENDDO.
ENDFORM.

*&---------------------------------------------------------------------*
*&      Form  GERE_COMPTE
*&---------------------------------------------------------------------*
*       Bloque ou debloque la liste de compte
*----------------------------------------------------------------------*

FORM GERE_COMPTE.

** Renseigner liste des utilisateurs a bloquer/debloquer
  LOOP AT T_USER WHERE BOX = 'X'.
    IF P_BLOC = 'X'.
      CALL FUNCTION 'SUSR_USER_LOCK'
           EXPORTING
                USER_NAME           = T_USER-BNAME
           EXCEPTIONS
                USER_NAME_NOT_EXIST = 1
                OTHERS              = 2.
      IF SY-SUBRC <> 0.
        WRITE : / T_USER-BNAME, 'n''a pas pu etre bloque'.
      ENDIF.

    ELSE.                              "debloque
      CALL FUNCTION 'SUSR_USER_UNLOCK'
           EXPORTING
                USER_NAME           = T_USER-BNAME
           EXCEPTIONS
                USER_NAME_NOT_EXIST = 1
                OTHERS              = 2.
      IF SY-SUBRC <> 0.
        WRITE : / T_USER-BNAME, 'n''a pas pu etre debloque'.
      ENDIF.
    ENDIF.

    IF SY-SUBRC = 0.
      CALL FUNCTION 'SUSR_USER_BUFFERS_TO_DB'
           EXPORTING
                MESSAGE_OUT               = 'X'
           EXCEPTIONS
                NO_LOGONDATA_FOR_NEW_USER = 1
                NO_INIT_PASSWORD          = 2
                DB_INSERT_USR02_FAILED    = 3
                DB_UPDATE_USR02_FAILED    = 4
                DB_INSERT_USR01_FAILED    = 5
                DB_UPDATE_USR01_FAILED    = 6
                DB_INSERT_USR05_FAILED    = 7
                DB_UPDATE_USR05_FAILED    = 8
                DB_INSERT_USR21_FAILED    = 9
                DB_UPDATE_USR21_FAILED    = 10
                INTERNAL_ERROR            = 11
                OTHERS                    = 12.
    ENDIF.
  ENDLOOP.

ENDFORM.                               " GERE_COMPTE

*&---------------------------------------------------------------------*
*&      Form  GET_LIGNE_COCHEE
*&---------------------------------------------------------------------*
*       Recupere toutes les lignes cochees a l'ecran
*----------------------------------------------------------------------*

FORM GET_LIGNE_COCHEE.

  CLEAR W_IND.
  DO.
    CLEAR: T_USER.
    ADD 1 TO W_IND.
    READ LINE W_IND FIELD VALUE T_USER-BOX
                                T_USER-BNAME.
    IF SY-SUBRC <> 0.
      EXIT.
    ENDIF.
    CHECK T_USER-BOX EQ 'X'.           "Selected line ?

* si cochee, modifier la ligne dans la table interne
    MODIFY T_USER TRANSPORTING BOX
                  WHERE BNAME = T_USER-BNAME.

* Modification de l'ecran : bloque les box
    MODIFY CURRENT LINE
       FIELD FORMAT T_USER-BOX INPUT OFF.
  ENDDO.
ENDFORM.                               " GET_LIGNE_COCHEE
This was last published in March 2002

Dig Deeper on SAP Basis administration and NetWeaver administration

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchERP

SearchOracle

SearchDataManagement

SearchAWS

SearchBusinessAnalytics

SearchCRM

SearchContentManagement

SearchHRSoftware

Close