Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Password deactivating

Former Member

‎06-18-2009 11:50 AM

0 Kudos

Hi,

We are having a problem with passwords deactivating by themselves on login accounts.

We have discovered that we can reset the password and they start working again, but recently when we do that a short time later it deactivates itself again.

Can you please suggest what could be the problem.

Thanks & Regards

Balaji.P

6 REPLIES 6

sdipanjan
Active Contributor

‎06-18-2009 12:04 PM

0 Kudos

Balaji,

I couldn't get the question properly. Is this deactivation is carried out by Admin by "Deactivate Password" in change password option in SU01?

Or it is due to parameters of Maximum validity after creation of User or Resetting password of existing user?

If the 2nd option is true then you check the following profile parameter values (if you are below release WAS 7.0).

login/password_max_new_valid

login/password_max_reset_valid

Regards,

Dipanjan

Former Member
In response to sdipanjan

‎06-18-2009 12:57 PM

0 Kudos

Hi Dipanjan,

Yes when we reset the password for the user,its getting deactivate again after a certain period of time.

And we are running on WAS 7.0.So is there any parameter related to password,that enables this.Is

the parameter login/password_max_idle_productive is set to the value 24000.So could this be of any use.

Thanks & Regards

Balaji.P

pradeepmathewch
Employee
Employee
In response to sdipanjan

‎06-18-2009 1:19 PM

0 Kudos

Hi Balaji,

login/password_max_idle_productive is used for controlling maximum days a password (set by the user) can be unused (idle). May be you can check what is it's value.

Since you are using SAP NetWeaver 2004s, login/password_max_idle_initial also needs to be checked.

Make sure that these two parameters have fair duration of days which will not deactivate your passwords.

Hope it helps.

Thanks and Regards, Pradeep

sdipanjan
Active Contributor
In response to sdipanjan

‎06-18-2009 1:53 PM

0 Kudos

Agree with Pradeep... by default the parameter values take the measuring Unit as 'D' (Days).. You need to maintain it properly and no need to use the default one..

Also it is recommended that the parameter value for login/password_expiration_time should be lower than the Idle password parameters mentioned by Pradeep.

Also check and go through the documentation of the following parameters:

login/password_change_waittime

login/password_compliance_to_current_policy

login/disable_password_logon

Regards,

Dipanjan

Former Member
In response to sdipanjan

‎06-18-2009 10:11 PM

0 Kudos

> ...the parameter login/password_max_idle_productive is set to the value 24000.

If this is excluded, then Wolfgang's explanation is the next logical conclusion - assuming that the user is logging on via Single-Sign-On to deactivate (also perhaps optionally, and choosing that option..) the password.

I would also be curious to know whether this is a dual stack system and the user is logging on via SSO but to the Java system actually, and you are using a UME pointing to the ABAP stack (which is where you have deactivated the password)?

Cheers,

Julius

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert

‎06-18-2009 9:41 PM

0 Kudos

Please check whether profile parameter login/password_change_for_SSO is set to value 3.

That could also explain this symptom.

To get certainty, I propose to use the analysis approach (by tracing) described in note 495911.

If all that fails, kindly report this as support case to SAP - including the information what actions have have already taken to analyse the problem.