cancel
Showing results for 
Search instead for 
Did you mean: 

Why can't we change the administrator password?

Former Member
0 Kudos

Hi frndz,

I have some doubts and I want to clear those doubts. It looks to be silly, but it will be helpful to me if u post your suggestions.

Why we should not change the administrator password frequently?

We are setting the administrator password for an option-->Never to be expired?

How to lock the administrator password?

How to provide security to the administrator password?

All suggestions are welcome...

Best Regards

Harshavardhan

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi harshavardhan reddy,

Keeping aside the recommandations to implement restricting Administrator userID lock out after certain no of failed attempts.

You are highly recommanded to do below items.

- Please do not give 'Administrator' ID password to all

- If any one required 'Administrator' level of access, upon evaluating the business purpose you may add his/her id to the role as ID 'Administrator'

- The best practice is to change the all UserIDs (except standard/service IDs) password once in Quarter.

Regards

Sekhar

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Harshawardhan,

X' user can try 'n' no of times to login with administrator user-id

A username is locked once you have tried to loggin with wrong password three times.

Regards,

Sharib Tasneem

Former Member
0 Kudos

Hi Sharib,

SDM Password will be locked if we try for 3 times with a wrong password.

User-id administrator will not be locked for 3 times.

Regards

Harsha

sunny_pahuja2
Active Contributor
0 Kudos

Hi,

> SDM Password will be locked if we try for 3 times with a wrong password.

>

Its not true. If you try password wrong three times in SDM, SDM process will be stopped. you need to start SDM process again.

> User-id administrator will not be locked for 3 times.

>

This is not true. If you will try more than 3 times user will be locked.

Thanks

Sunny

Former Member
0 Kudos

Hi Harsha,

It depend upon your policy, on how many attempts you want to give.

For ABAP server you can set the parameter

"login/fails_to_user_lock"

You can set this in j2ee config tool using Parameter :

"ume.logon.security_policy_.lock_after_invalid_attempts"

Regards,

Sharib Tasneem

Former Member
0 Kudos

Hi Sharab,

I don't know that there is a parameter to set the no of failed attempts for the j2eeadmin password. Thanks for your info.

Whether that parameter is available with Netweaver 7.0 2oo4s version.

Let me know yaar.

Regards

Harshavardhan

Former Member
0 Kudos

Hi Harsha,

Set this parameter in " Netweaver 7.0 2oo4s version"

"login/fails_to_user_lock"

Regards,

Sharib

Former Member
0 Kudos

Hi Harshavardhan,

What are you trying to achive?

Regards

Sekhar

Former Member
0 Kudos

Hi Shekar,

Nothing but I want to know the ways to provide security to the administrator password?

Whether is it not mandatory huh....?

Regards

Vardhan

Former Member
0 Kudos

Hi,

Which administrator on which SAP software ?

Your question is so vague that it has no meaning...

Regards,

Olivier

Former Member
0 Kudos

Hi,

I asked generally not particular to any SAP Software.

Suppose make it as "SAP Netweaver administrator" who has all the permissions and all the roles has been assigned like nwdi administrator role, nwdi developer role, super admin role e.t.c.

Why I asked this question is suppose some 'X' user can try 'n' no of times to login with administrator user-id.

So by any wild guess if he matches the password, that will be a matter of security right.

Regards

Harsha