For a while now I have been struggling to find out the solution to my problem, how to trace if the user ids are shared between users, but the effort has been futile till now. Many threads mentioned about the table USR41_MLD and somewhat it was helpful in telling that yes there were multiple logins but it did not validate whether the ID was used on the same computer or different one.
USR41_MLD
I pondered upon solutions which could have given me headache and wanted to have a simplistic approach to this problem.
As it’s always correct, going back is the best way to move forward. I resorted to SM19 and SM20. Description first in words and then pictorial.
Activate the user/users you want to monitor in SM19.
In SM20 after filling in the prerequisite fields and selecting the time frame, you will have to extract the audit log as shown in the screenshot below. Once the data is extracted the field “Terminal” will give you your answer. This field captures the Terminal/IP-address of the system in which the id was logged in. User MAA* was logged into two different computers FE-Z0QUA and FE-Z08KJ.
GOTCHA