This website is not affiliated with, sponsored by, or approved by SAP AG.

Initial Password

SAP Security

Moderators: Snowy, thx4allthefish, jurjen

Initial Password

Postby chutney374 » Wed Jun 04, 2014 11:44 am

Hi

I'm sure the answer is a resounding no from a SAP standard point of view but here goes:

I have a customer and the customers users don't access the SAP systems via SAPgui but via a portal.

Is there a way to disable the automatic password change at loggon when the system admin/security teams reset a password for a user if the user can't loggon to the SAPGUI?

I.e. I setup user test, set their password to sap12345 but don't want them to have the option of changing the password.

Can this be done.

Regards

Paul M.
chutney374
 
Posts: 44
Joined: Mon Jan 09, 2012 2:39 am

Re: Initial Password

Postby os » Wed Jun 04, 2014 3:40 pm

Yes.

ps: which release are you on?
os
 
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am

Re: Initial Password

Postby chutney374 » Thu Jun 05, 2014 1:24 am

os wrote:Yes.

ps: which release are you on?



Version is Netweaver 7.4
chutney374
 
Posts: 44
Joined: Mon Jan 09, 2012 2:39 am

Re: Initial Password

Postby os » Wed Aug 06, 2014 4:33 pm

If the UME is AD and logon ticket or SAML is sufficient for authentication, then best is to deactivate the password. The active password is the problem and you dont need it.

If UME is the ABAP system, then you have some options via parameter login/password_change_for_SSO. But possibly you set the password rules too strict? As of 7.31 you can also use user base policies for ABAP same as for the Java stack before.

You will need to describe your UME and login/* parameters in more detail to be able to get a definitive answer.
os
 
Posts: 469
Joined: Wed Dec 21, 2005 10:51 am


Return to SAP Security

Who is online

Users browsing this forum: No registered users and 6 guests





loading...


This website is not affiliated with, sponsored by, or approved by SAP AG.