Skip to Content

DDIC user password status showing as "Exists; Password Based Logon is not possible".

Dear Expert,

I have a situation wherein user DDIC in report RSUSR003 has password status as "Password Based Login is not possible". Its lock status is showing "Not locked and it is a dialog type of user.

Can you please explain the meaning of this password status.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Feb 23, 2018 at 09:59 AM

    Hi Gautam,

    This indicates that the DDIC user's password was deactivated, which can be done via SU01 > Logon Data tab > Password section > Deactivate.

    You should be able to verify this by checking the "Password Status" field in the DDIC user's Logon Data tab in SU01 / SU01D / etc., which should read "Password deactivated" and is why you are seeing the RSUSR003 report reflecting a Password Status for DDIC in the respective client of "Password-based logon is not possible".

    While a deactivated password will prevent password based logon (even for a Dialog user), one thing to keep in mind that non-password based logon is still possible with a deactivated password (e.g., using SNC for SAP GUI and RFC based front ends, using X.509 user certificates for Web-based front ends, and using SAP logon tickets if using portal / Workplace).

    If you'd like more information on password deactivation, consider viewing the "Password Status Info" detail available via the Performance Assistant in the SU01 Logon Data tab. There are a couple user type and profile parameter considerations to keep in mind which are explained here. You can also read about it via the following link:

    Hope that helps.



    Add comment
    10|10000 characters needed characters exceeded