06-18-2009 11:50 AM
Hi,
We are having a problem with passwords deactivating by themselves on login accounts.
We have discovered that we can reset the password and they start working again, but recently when we do that a short time later it deactivates itself again.
Can you please suggest what could be the problem.
Thanks & Regards
Balaji.P
06-18-2009 12:04 PM
Balaji,
I couldn't get the question properly. Is this deactivation is carried out by Admin by "Deactivate Password" in change password option in SU01?
Or it is due to parameters of Maximum validity after creation of User or Resetting password of existing user?
If the 2nd option is true then you check the following profile parameter values (if you are below release WAS 7.0).
login/password_max_new_valid
login/password_max_reset_valid
Regards,
Dipanjan
06-18-2009 12:57 PM
Hi Dipanjan,
Yes when we reset the password for the user,its getting deactivate again after a certain period of time.
And we are running on WAS 7.0.So is there any parameter related to password,that enables this.Is
the parameter login/password_max_idle_productive is set to the value 24000.So could this be of any use.
Thanks & Regards
Balaji.P
06-18-2009 1:19 PM
Hi Balaji,
login/password_max_idle_productive is used for controlling maximum days a password (set by the user) can be unused (idle). May be you can check what is it's value.
Since you are using SAP NetWeaver 2004s, login/password_max_idle_initial also needs to be checked.
Make sure that these two parameters have fair duration of days which will not deactivate your passwords.
Hope it helps.
Thanks and Regards, Pradeep
06-18-2009 1:53 PM
Agree with Pradeep... by default the parameter values take the measuring Unit as 'D' (Days).. You need to maintain it properly and no need to use the default one..
Also it is recommended that the parameter value for login/password_expiration_time should be lower than the Idle password parameters mentioned by Pradeep.
Also check and go through the documentation of the following parameters:
login/password_change_waittime
login/password_compliance_to_current_policy
login/disable_password_logon
Regards,
Dipanjan
06-18-2009 10:11 PM
> ...the parameter login/password_max_idle_productive is set to the value 24000.
If this is excluded, then Wolfgang's explanation is the next logical conclusion - assuming that the user is logging on via Single-Sign-On to deactivate (also perhaps optionally, and choosing that option..) the password.
I would also be curious to know whether this is a dual stack system and the user is logging on via SSO but to the Java system actually, and you are using a UME pointing to the ABAP stack (which is where you have deactivated the password)?
Cheers,
Julius
06-18-2009 9:41 PM
Please check whether profile parameter login/password_change_for_SSO is set to value 3.
That could also explain this symptom.
To get certainty, I propose to use the analysis approach (by tracing) described in note 495911.
If all that fails, kindly report this as support case to SAP - including the information what actions have have already taken to analyse the problem.