Welcome to the S-user lifetime support page. To help protect your sensitive company information and ensure GDPR compliance, SAP is assisting customers and partners in their responsibility of user administration by assigning an expiry date to all S-users, which started June 2nd, 2020. You can find the S-user lifetime expiration date in your User Profile. Administrators will find more in-depth information relevant to the user account management activities in the User Management Application.
Phase 1 - Active
Phase 2 - Expiring
Phase 3 - Expired
Phase 4 - Deleted
All new and existing S-users are in scope except for super, cloud or user administrators, security managers, technical communication users and P-users.
S-user lifetimes are mandatory for all customers and partners as part of the new user management processes started June 2nd, 2020.
An S-user ID gets the "inactive" status when their S-user ID information does not have valid email address information. Inactive S-user IDs cannot be used. User administrators must provide the missing information to reactivate the S-user ID.
You can request an extension of your expiry date through your User Profile, Please refer to KBA 2971742 - How to extend the expiry date of your S-user ID.
If your S-user ID was deleted, a new S-user ID needs to be created. Your certificates can be reassigned. Please refer to KBA 2547250 - How to reassign training (learning) certifications to a new S-User ID - SAP Training.
Make sure notifications are enabled in your user profile in the Support Launchpad (select Manage Notifications in the user drop down menu). In addition, make sure notification-service@sap.com is not in your junk or deleted email folder.
The incident handling process will not be affected even if the S-user ID of the Reporter has been deleted/expired. However, if your S-user ID has already expired, contact your user administrator to request reactivation and extension of your expiry date. Once completed, you should again be able to access your incident(s). However, if your S-user gets deleted, you will need to request a new S-user ID to resume incident processing. Meanwhile, any other active user within the company with incident authorization can take over and process the incident.
Yes, administrators can update the lifetime of a specific user at any point before they expire. If using the mass update functionality, it can only be used for S-users in the active, expiring or expired status; the expiry date of S-users can only be set to a maximum of 24 months.
Note: Administrators should only extend S-users that are required to continue transacting on behalf of the company.
Yes administrators may delete any S-user ID's at any time.
S-users will be informed about any changes to their expiration dates.
All administrators (i.e super, cloud, or user administrators as well as Partner Security Managers) will be notified about the expiring S-user IDs.
The customer/partner user administrators can use the SAP ONE Support Launchpad "Support User Management" tile (Manage My Users application for Partners) to check the 'Expiry Date' of their users. One can extend the expiry date via the 'Action' column.
Please refer to KBA 2928052 - S-User ID Lifetime information - SAP ONE Support Launchpad. If you still facing challenges, please raise an Official Support Ticket for the support team to investigate further.
No. There is no automatic extension capability within the S-user Lifetime functionality. During the creation of a new S-user ID, the validity period defaults to 2-years. The user administrator can amend the validity date if needed. The ‘last log in’ date can be used by the user administrator to determine whether the S-user ID is still being used, and thus merit an extension.
The same guidelines and rules apply to VAR-d partners: administrators must maintain S-user IDs regularly. Like customers, partners will also receive notifications for expiring users within your organization.
Also, if you are using SAP Solution Manager for incident management, please ensure that S-user IDs in your AISUSER table are still active. Those S-user IDs are used for incident forwarding to SAP Support. Incident forwarding to SAP Support is not possible if the S-user IDs used are either expired, inactive, or deleted.
No. Only your end customers will receive such notifications for their own S-user IDs. It is your customer's responsibility to manage their own S-user IDs.
Do the VAR-d user administrators have an overview of all S-user IDs and their expiry dates?
Your SAP Solution Manager system will still be able to read and update your incidents within SAP Solution Manager, even if the end customer's or your own S-user ID of the end customer becomes expired or deleted. However, it will not be possible for the SAP Solution Manager to send or forward your incident back to SAP if any S-user ID involved (either the "Reporter" or the "Creator") in forwarding to SAP is either expired or deleted. Therefore, if the S-user ID has expired, please contact your user administrator to reactivate the S-user ID and extend its expiry date.
It is important that your end customer ensure that they keep track and ensure that their S-user ID expiry dates are updated accordingly. If S-user IDs are not maintained, then incident exchange with SAP may be disrupted.
Yes. If the VAR-d partner knows which end customer S-user ID is active, s/he can change the "Contact Person" entry from the AISUSER table to the active S-user ID. Please also reference SAP Note 2511493.
No, it is also relevant for logging into various SAP portals and systems.
Yes, your customers will need to manage, review all created S-user IDs for their organization and decide for themselves which ones to extend and which ones to allow to expire (or they can already delete them manually, if applicable). For this purpose, the user administrators can reference the "last login" date, which provides some information on whether the S-user ID is still being used. VAR-d end customers also need to be conscious and check with their Service Providers which S-user IDs are being used by the Service Provider when sending incidents to SAP. VAR-d customers need to ensure that those S-user IDs do not expire. Otherwise they will be impacted when forwarding incidents to SAP Solution Manager.
For general partner User Lifetime information and FAQ, see here.
Yes, please check SAP Notes 2961836 and 2945427 and consider implementing them based on your use case.
Yes, please check SAP Notes 2961836 and 2945427 and consider implementing them based on your user case.