Extract list of users that can login to Netweaver ...

tsyee · ‎09-23-2021

Hi,

As part of our IT security review, I need to provide auditors the list of users that logins to our SAP Netweaver java system.

In this system, most of our user accounts were created with password set to disabled. Only Basis, IT application developers and consultants were issued a password to login to the java system.

In SAP Netweaver Java Identity Management, there is no selection criteria to select users with a password. Refer to the screen shots attached.

selectioncriteria-1.png selectioncriteria-2.png selectioncriteria-3.png selectioncriteria-4.png selectioncriteria-5.png

Even if I export the user, their password status are not available in the exported files too.

For e.g

[User] uid=9876

last_name=xxxxx

first_name=yyyyy

email_address=xxuy@dummy.com

accessibility=0

Any suggestion ? Possible to extract from DB? Any commands to share?

dominik_koop · ‎12-07-2021

Hi,

the UME attributes are stored in table UME_STRINGS.

You could try something like this:

select * from sapsr3db.ume_strings where namesp='com.sap.security.core.usermanagement' and attr='ispassworddisabled' and val='false';

Regards,
Dominik

Extract list of users that can login to Netweaver Java

Accepted Solutions (0)

Answers (1)

Answers (1)

Re: Trying to understand the behaviour of intent l...

Re: Trying to understand the behaviour of intent l...

Re: Cloud Transport Management Service -getting er...

Re: Invalid datetime value when using Python Scrip...

Help with NoClassDefFoundError for com/sap/aii/sec...