This website is not affiliated with, sponsored by, or approved by SAP AG.

Initial Password

SAP Security

Moderators: Snowy, thx4allthefish, jurjen

Post Reply
chutney374
Posts: 44
Joined: Mon Jan 09, 2012 2:39 am

Initial Password

Post by chutney374 » Wed Jun 04, 2014 11:44 am

Hi

I'm sure the answer is a resounding no from a SAP standard point of view but here goes:

I have a customer and the customers users don't access the SAP systems via SAPgui but via a portal.

Is there a way to disable the automatic password change at loggon when the system admin/security teams reset a password for a user if the user can't loggon to the SAPGUI?

I.e. I setup user test, set their password to sap12345 but don't want them to have the option of changing the password.

Can this be done.

Regards

Paul M.

os
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am

Re: Initial Password

Post by os » Wed Jun 04, 2014 3:40 pm

Yes.

ps: which release are you on?

chutney374
Posts: 44
Joined: Mon Jan 09, 2012 2:39 am

Re: Initial Password

Post by chutney374 » Thu Jun 05, 2014 1:24 am

os wrote:Yes.

ps: which release are you on?

Version is Netweaver 7.4

os
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am

Re: Initial Password

Post by os » Wed Aug 06, 2014 4:33 pm

If the UME is AD and logon ticket or SAML is sufficient for authentication, then best is to deactivate the password. The active password is the problem and you dont need it.

If UME is the ABAP system, then you have some options via parameter login/password_change_for_SSO. But possibly you set the password rules too strict? As of 7.31 you can also use user base policies for ABAP same as for the Java stack before.

You will need to describe your UME and login/* parameters in more detail to be able to get a definitive answer.

Post Reply