02-10-2014 9:36 AM
Hi Community,
we want to have a new Password policy. In order of this we created this Parameters:
login/fails_to_user_lock 6
login/password_compliance_to_current_policy 1
login/min_password_lng 8
login/min_password_digits 1
login/min_password_letters 1
login/min_password_specials 1
login/password_expiration_time 0
login/password_max_idle_productive 0
login/password_history_size 3
login/password_max_idle_initial 2
login/min_password_uppercase 1
First we implemented this Parameters on our BW Systems. After that we restarted the System.
Existing User can now Login with their old Passwords. Only newly created Users. Or old users that Forget their Passwords have to create a new Password with the new policy.
So that is what we want.
A new policy, but old users can Login with their old Passwords.
After that worked correctly on our BW Systems. We want to implement this in our ERP Systems. But in our ERP Systems with the exaclty same Parameters and after reboot. ALL of our Users become a popup to Change their Password.
But as i mentioned above. We want that old users can logon with their old Passwords.
So what is happening here that the Parameters works correctly on our BW Systems but not on our ERP Systems?
Thanks for your help.
Kind Regards
02-10-2014 10:01 AM
Hello, a guess from would be the parameter "login/password_compliance_to_current_policy". This parameter force the user to change their passwords if there current password don't fit the new password policy. Check this parameter in your ERP System, if it is set to 1 than you know the reaseon why. Kind regards, Bernhard
02-10-2014 10:23 AM
02-10-2014 1:18 PM
The docu about the logon and password parameters inlcuding the one mentioned Bernhard and Michael:
http://help.sap.com/saphelp_nw2004s/helpdata/en/22/41c43ac23cef2fe10000000a114084/content.htm
note: 862989
02-10-2014 11:20 PM
That is most likely because the BW users are set up as SERVICE type users and are not subject to password validity parameters.
The ERP users are DIALOG type users and the compliance to current policy parameter is applicable for them.
-> Several of the login* parameters have user type dependencies.
But there is also another possible reason. Is your BW system on 7.31 basis release? Go to transaction SECPOL and check whether there are any available policies there... do any of them contain the compliance setting = 0 and are assigned to the users?
-> Policies take preference over parameters now.
Cheers,
Julius