cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Have to Change PW on every login

Former Member

on ‎09-15-2008 9:58 AM

0 Kudos

Hallo,

we have Netweaver CE 7.1 installed with Identity-Management configured to use an OpenLDAP.

In the security concept the expiration of passwords is set to 60 days.

Nethertheless whenever I login to the system with Administrator of UME I have to change the password. So I change PW of Administrator 30+ times a day.

Is the problem coming from the OpenLDAP-Connection (new to system, didnt have problems before) or did I configure something wrong in security concept?

Any ideas to start searching?

Otmar

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎09-16-2008 10:52 AM
0 Kudos

After a ton of testing I found out where the problem lies.

The option "Enforce Password Security Policy at Logon" forces me to change the password on every logon.

BUT: my password fits the security policy.

I can even do the following:

(Example)

Old PW: Admin1

New PW: Admin2

Identity Management accepts the change, but forces me to change PW on next logon. Seems quite strange to me.

Anyone another idea?

Otmar

Show replies
Show replies
MichaelShea
Product and Topic Expert
Product and Topic Expert
‎09-16-2008 11:01 AM
0 Kudos

Are you saying that when you disable Enforce password security at logon, you do not have the problem anymore? If so I am surprised. Nor did I suggest that you enable this option. This option is there to make sure all users who set their passwords under an old security policy now adhere to the new security policy.

For some reason the system believes that you are setting the initial password each time. Are you changing your password in the change password screen during logon or are you going in as admin and resettting the password?

Can you logon to your LDAP directly (without the UME)? Do you get prompted to change your password?

Is it only this user that is having this problem or do all users have this problem?

What is the Password Validity Period for the UME security policy?

-Michael

Former Member
‎09-16-2008 11:15 AM
0 Kudos

> Are you saying that when you disable Enforce password security at logon, you do not have the problem anymore?

Exactly

> For some reason the system believes that you are setting the initial password each time. Are you changing your password in the change password screen during logon or are you going in as admin and resettting the password?

Change PW during Logon

> Can you logon to your LDAP directly (without the UME)? Do you get prompted to change your password?

No sorry, LDAP of customer, can't log in there

> Is it only this user that is having this problem or do all users have this problem?

I had the problems with all UME-Users

> What is the Password Validity Period for the UME security policy?

60 days

MichaelShea
Product and Topic Expert
Product and Topic Expert
‎09-16-2008 12:19 PM
0 Kudos 
No sorry, LDAP of customer, can't log in there

Can you determine the security policies of the LDAP? Do they match those of the UME?

Is your LDAP supported?

Is the attribute, last password change being set properly?

-Michael

Former Member
‎02-10-2009 11:00 AM
0 Kudos

Hello Otmar,

we are having the same problem here.

SPS 11, and the "Enforce Password Security Policy at Logon" is checked.

Could you find any further information on this problem? Could you confirm from SAP that it's their fault?

We are going to change our password policy on our productive system soon, but have to make sure it's really just because of that checkbox.

We don't want this to happen to all our users when their password expires normally, and we can't be sure as long as we don't know exactly what is the problem.

Best regards,

Florian

MichaelShea
Product and Topic Expert
Product and Topic Expert
‎09-16-2008 8:50 AM
0 Kudos

Hi Omar,

Start here and see what you have configured in on the AS Java side: [Configuring the Security Policy for User ID and Passwords|http://help.sap.com/saphelp_nwce10/helpdata/en/43/3d77734ae830f3e10000000a11466f/frameset.htm].

Read through this as well: [Security Policy|http://help.sap.com/saphelp_nwce10/helpdata/en/7f/c52442ad9f5133e10000000a155106/frameset.htm]

-Michael

Show replies
Show replies
Ask a Question