Julius,

Thanks for the quick response.

It is password lock.

What I meant to say was that there is no manual entry of password, not that we do not need a password. However, it is good to know that this could be a workaround for now.

What are the drawbacks of not having a password if we are able to secure this user using S_USER_GRP as you mentioned?

VP

The draw-back of not having a pasword is that you cannot logon with a password; which is however advisable if the user does not need one.

The advantage is that other folks (or outdated config) cannot password lock the user by logging on incorrectly with it.

What I meant by S_USER_GRP is to protect the user master record itself so that only authorized administartors can change it, or admin-lock it, or recreate an initial password again.

First check to see whether there is another system on a lower release which is attempting to communicate with yours, as the password rules changed. Chances are good that it is the case sensitive password rule causing this.

Otherwise, activate the dynamic configuration filters of the Security Audit Log in transaction SM19 on your servers to log the event Unsuccessfull Login and wait for it to happen again. Then check your SM20N log to see where it is coming from.

Cheers,

Julius

Thanks, Julius.

Lets wait a while until it happens again, and then let us know

ps: as it could happen again for other reasons... you can also monitor it via static SM19 filters (if setup).

pps: Another option (if you are fast enough) is to use transaction STAD (or STAT) to find the "terminal".