User Account Is Locked
Problem Description
Users report that they cannot log on to the SAP NetWeaver Application Server (AS) Java. The following text appears:
Authentication failed. Password locked
There is a message in the server's log file (/log/system/security.log.*):
Invalid password for user TEST_USER .
Invalid password for user TEST_USER.
Invalid password for user TEST_USER .
Invalid password for user TEST_USER .
Invalid password for user TEST_USER .
Invalid password for user TEST_USER .
<systemuser> | USERACCOUNT.MODIFY | USERACCOUNT = UACC.PRIVATE_DATASOURCE.un:TEST_USER | | SET_ATTRIBUTE: lockreason=[1], SET_ATTRIBUTE: islocked=[true]
User 'TEST_USER' locked after 6 unsuccessful attempts to login.
|
Scenario Type: |
Error analysis |
|
SAP NetWeaver Component: |
Security Service (BC-JAS-SEC) |
|
Validity: |
SAP NetWeaver 2004 or higher |
Decision Roadmap
Prerequisites
User with administrator rights
Main Tools
Identity management of the user management engine (UME)
Analysis
- The user forgot his or her password
- Someone is trying to guess the user's password
- The password was being changed by someone with administrator's rights without the user's knowledge
- The user changed his or her password but an external tool has no knowledge of this
Solution hints:
Unlock the user account.
If the user account locked is the only administrator account, activate the emergency user, then unlock the account.
More Information: