sap*/ddic的密码破解完整篇

最新推荐文章于 2026-05-02 09:28:11 发布

原创最新推荐文章于 2026-05-02 09:28:11 发布 · 2.8k 阅读

1 ·

本内容遵循CC 4.0 BY-SA版权协议

标签

#sapddic的密码破解完整篇

SAP 专栏收录该内容

340 篇文章

订阅专栏

本文提供了解锁被锁定的SAP*用户的详细步骤，包括通过其他用户登录系统、不同数据库系统的操作方法以及在特定情况下如何通过系统管理员创建新用户。同时提供了不同数据库环境下执行SQL命令的具体指令。

sap*/ddic的密码破解完整篇

Instead ofdeleting user -SAP* try to unlockthe user by logging into the system with some other user. Else unlock from DBlevel as per the steps given below.
Kindly ensure that SAP*user is not deleted from R3 or DB level.
In case ifyou find that the SAP* is deleted and you are able to login with pass aspassword then please createSAP*user with copy of DDIC or TCSDEV users inSU01.
Even youcan create a new user SAP* with roles:SAP_ALLand SAP_NEW.
Thepassword for TCSDEV user is presentin private ark.
Important:
In 7.10systems if you delete the SAP* user with the report (TK_DELETE_SAP) or from DB,then in SU01 the create and copy buttons will not be present. This happenssince CUA is maintained on that system. In such cases only system owner cancreate the user in the system. So you can send a mail to the system ownerasking him to create SAP* user.

The SQLcommands in different databases are given below:

[1]{A}ORACLE<= 8.x

Logon to database server and switch to ora<SID>    user (e.g. oraalr) under UNIX or <sidadm> under Windows.
   Start the database server manager with the command:
   svrmgrl
connect internal
Now you're able to execute SQL statements:
to view the entries of the "sap*" user type in following command:
select MANDT, BNAME, UFLAG from <db_schema>.USR02 where MANDT='000' and BNAME='SAP*';(maybe you have to change "mandt" to your client)
To simply unlock SAP* in client 000, without having to delete it:
update <db_schema>.USR02 set UFLAG=0 where BNAME='SAP*' and MANDT=’000’;
exit
à exit the server manager

[1]{B}ORACLE >= 9.x

Logon to database server and switch to ora<SID>    user (e.g. oraalr) under UNIX (<sidadm> under Windows).
   Under Windows check correct settings of environment (ORASID, ...).
   Start the database server manager with the command:
   sqlplus "/as sysdba"
   Now you're able to execute SQL statements:
to view the entries of the "sap*" user type    in following command:
   select MANDT, BNAME, UFLAG from    <db_schema>.USR02 where MANDT='000' and BNAME='SAP*';

(maybe you have to    change "mandt" to your client)
To simply unlock SAP* in client 000, without having to delete it:
update <db_schema>.USR02 set UFLAG=0 where BNAME='SAP*' and MANDT=’000’;
exit
à exit the server manager

Find outexisting schemas: select * fromall_users;

[2] DB6 (DB2 UDB for Unix/Linux/Windows)

Logon to database server
   1. Switch to db2<sid> user (e.g. db2qnn) under UNIX
   or
   2. logon as <sidadm> under Unix/Windows
Start the SQL mode with command:
   db2 (Unix)
   db2cmd (Windows)
   Now you're able to execute SQL statements (on Windows: db2 in    front of the SQL statement):
to view the entries of the "sap*" user type    in following command:
   select MANDT, BNAME, UFLAG from    <db_schema>.USR02 where MANDT='000' and BNAME='SAP*'

(maybe you have to change    "mandt" to your client)
To simply unlock SAP* in client 000, without having to delete it:
update <db_schema>.USR02 set UFLAG=0 where BNAME='SAP*' and MANDT=’000’
quit
Find out existing schemas: select * from syscat.dbauth
If UFLAG value is other than 0 when you execute select command then the user is locked.

[3]SAPDB/MAXDB

Logon to database server
   1. Switch to sqd<SID> user (e.g. sqdyak) under UNIX
   or
   2. logon as <sidadm> under Unix/Windows
   Start the SQL mode with the command:
   dbmcli -d <SID> -u control,<password> -uSQL    <db_schema>,<password>
   sql_execute <sql statement> alternate
   sqlcli -d <SID> -u <db_schema>,<password>
-->
(version >= 7.5)
   <sql statement>
   Now you're able to execute <sql statement>:
To view the entries of the "sap*" user type in following command:
sql_execute select MANDT, BNAME, UFLAG from <db_schema>.USR02 where MANDT='000' and BNAME='SAP*'(maybe you have to change "mandt" to your client)
To simply unlock SAP* in client 000, without having to delete it:
sql_execute update <db_schema>.USR02 set UFLAG=0 where BNAME='SAP*' and MANDT=’000’
quitor q(sqlcli)

To findout which schemas exist:

dbmcli -d <SID> -u control,<password>
sql_execute select * from users

[4] MSSQL

Logon to database server as <sidadm> in D_WDF_R3 domain
invoke: Start --> Programs --> Microsoft SQL Server --> Query Analyzer
enter:
SQL server : ‘.’ means current server
connect using : Windows authentication
choose needed DB instance in selection field
Now you're able to execute SQL statements:
To view the entries of the "sap*" user type    in the following command:
   select MANDT, BNAME, UFLAG from    <db_schema>.USR02 where MANDT=000 and BNAME='SAP*'
(maybe    you have to change "mandt" to your client; <db-user> is    case sensitive)
To simply unlock SAP* in client 000, without having to delete it:
update <db_schema>.USR02 set UFLAG=0 where BNAME='SAP*' and MANDT=000
execute --> pressF5
close Query Analyzer

Kindly be very careful when you are using UPDATE commandbecause there is no way to revert back. The only way is to restore the wholeDB.
Because USR02 is a buffered tableplease logon to any client and execute/$tab in the transaction code field tosynchronize the buffers.