Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

New Password Policy - Without force the user to change their passwords

Former Member

‎02-10-2014 9:36 AM

0 Kudos

Hi Community,

we want to have a new Password policy. In order of this we created this Parameters:

login/fails_to_user_lock                    6

login/password_compliance_to_current_policy 1

login/min_password_lng                      8

login/min_password_digits                   1

login/min_password_letters                  1

login/min_password_specials                 1

login/password_expiration_time              0

login/password_max_idle_productive          0

login/password_history_size                 3

login/password_max_idle_initial             2

login/min_password_uppercase                1

First we implemented this Parameters on our BW Systems. After that we restarted the System.

Existing User can now Login with their old Passwords. Only newly created Users. Or old users that Forget their Passwords have to create a new Password with the new policy.

So that is what we want.

A new policy, but old users can Login with their old Passwords.

After that worked correctly on our BW Systems. We want to implement this in our ERP Systems. But in our ERP Systems with the exaclty same Parameters and after reboot. ALL of our Users become a popup to Change their Password.

But as i mentioned above. We want that old users can logon with their old Passwords.

So what is happening here that the Parameters works correctly on our BW Systems but not on our ERP Systems?

Thanks for your help.

Kind Regards

4 REPLIES 4

Former Member

‎02-10-2014 10:01 AM

0 Kudos

Hello, a guess from would be the parameter "login/password_compliance_to_current_policy". This parameter force the user to change their passwords if there current password don't fit the new password policy. Check this parameter in your ERP System, if it is set to 1 than you know the reaseon why. Kind regards, Bernhard

MichaelShea
Product and Topic Expert
Product and Topic Expert

‎02-10-2014 10:23 AM

0 Kudos

Could it be that your ERP system is pre 6.40?

dvaillant
Explorer

‎02-10-2014 1:18 PM

0 Kudos

The docu about the logon and password parameters inlcuding the one mentioned Bernhard and Michael:

http://help.sap.com/saphelp_nw2004s/helpdata/en/22/41c43ac23cef2fe10000000a114084/content.htm

note: 862989

Former Member

‎02-10-2014 11:20 PM

0 Kudos

That is most likely because the BW users are set up as SERVICE type users and are not subject to password validity parameters.

The ERP users are DIALOG type users and the compliance to current policy parameter is applicable for them.

-> Several of the login* parameters have user type dependencies.

But there is also another possible reason. Is your BW system on 7.31 basis release? Go to transaction SECPOL and check whether there are any available policies there... do any of them contain the compliance setting = 0 and are assigned to the users?

-> Policies take preference over parameters now.

Cheers,

Julius