on 09-15-2008 9:58 AM
Hallo,
we have Netweaver CE 7.1 installed with Identity-Management configured to use an OpenLDAP.
In the security concept the expiration of passwords is set to 60 days.
Nethertheless whenever I login to the system with Administrator of UME I have to change the password. So I change PW of Administrator 30+ times a day.
Is the problem coming from the OpenLDAP-Connection (new to system, didnt have problems before) or did I configure something wrong in security concept?
Any ideas to start searching?
Otmar
After a ton of testing I found out where the problem lies.
The option "Enforce Password Security Policy at Logon" forces me to change the password on every logon.
BUT: my password fits the security policy.
I can even do the following:
(Example)
Old PW: Admin1
New PW: Admin2
Identity Management accepts the change, but forces me to change PW on next logon. Seems quite strange to me.
Anyone another idea?
Otmar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Are you saying that when you disable Enforce password security at logon, you do not have the problem anymore? If so I am surprised. Nor did I suggest that you enable this option. This option is there to make sure all users who set their passwords under an old security policy now adhere to the new security policy.
For some reason the system believes that you are setting the initial password each time. Are you changing your password in the change password screen during logon or are you going in as admin and resettting the password?
Can you logon to your LDAP directly (without the UME)? Do you get prompted to change your password?
Is it only this user that is having this problem or do all users have this problem?
What is the Password Validity Period for the UME security policy?
-Michael
> Are you saying that when you disable Enforce password security at logon, you do not have the problem anymore?
Exactly
> For some reason the system believes that you are setting the initial password each time. Are you changing your password in the change password screen during logon or are you going in as admin and resettting the password?
Change PW during Logon
> Can you logon to your LDAP directly (without the UME)? Do you get prompted to change your password?
No sorry, LDAP of customer, can't log in there
> Is it only this user that is having this problem or do all users have this problem?
I had the problems with all UME-Users
> What is the Password Validity Period for the UME security policy?
60 days
Hello Otmar,
we are having the same problem here.
SPS 11, and the "Enforce Password Security Policy at Logon" is checked.
Could you find any further information on this problem? Could you confirm from SAP that it's their fault?
We are going to change our password policy on our productive system soon, but have to make sure it's really just because of that checkbox.
We don't want this to happen to all our users when their password expires normally, and we can't be sure as long as we don't know exactly what is the problem.
Best regards,
Florian
Hi Omar,
Start here and see what you have configured in on the AS Java side: [Configuring the Security Policy for User ID and Passwords|http://help.sap.com/saphelp_nwce10/helpdata/en/43/3d77734ae830f3e10000000a11466f/frameset.htm].
Read through this as well: [Security Policy|http://help.sap.com/saphelp_nwce10/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm]
-Michael
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.