cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

set parameter just for SAP account of Administrator

Former Member

on ‎07-22-2014 4:34 PM

0 Kudos

Dears,

1. Due to system audit that demand to set some special rules of password just for administrators in SAP system.

for example, we need set password's expiration, length, complexity and so on.

I know we could set parameters like ’login/passwd_expiration_tim’ ‘login/min_password_d’
‘login/min_password_letters’ and so on, but these parameters will set for all the users in SAP.

Now we must set some special rules just for some 'Administrators' as the audit demand,

Could you please give me any idea ?

2. Need disable intreractive login for the system account and communication account in SAP, how to archive this ?

Thanks,

Hong

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

JPReyes
Active Contributor
‎07-23-2014 8:03 PM
0 Kudos 


Due to system audit that demand to set some special rules of password just for administrators in SAP system.




 for example, we need set password's expiration, length, complexity and so on.




I know we could set parameters like ’login/passwd_expiration_tim’ ‘login/min_password_d’
‘login/min_password_letters’ and so on, but these parameters will set for all the users in SAP. 


  


Now we must set some special rules just for some 'Administrators' as the audit demand, 


  


Could you please give me any idea ?


login parameters are system wide, only system users are exempt. Seems like your auditor have no idea of how a SAP system works. You cannot set special rules for Administrators...  I cannot find one single reason to have different rules for Admins.


Need disable intreractive login for the system account and communication account in SAP, how to archive this ?

You don't need to achieve that... system and communication users are by definition not interactive users (you cannot logon to the system with them).

Regards, JP

Show replies
Show replies
Former Member
‎07-23-2014 5:11 AM
0 Kudos 


Now we must set some special rules just for some 'Administrators' as the audit demand, 




Could you please give me any idea ?

I would go with roles/authorizations instead of playing at logins.

Even if someone login, they need authorization to do something this is where Audit point comes in.

Regards,

Nick Loy

Show replies
Show replies
ACE-SAP
Active Contributor
‎07-22-2014 5:59 PM
0 Kudos

Hi

1) The password parameter rules does apply to every user, no way to create dedicated rule for a specific user

2) System & communication accounts could not be used for interactive connection as stated in note 327917 - New user types as of Release 4.6C

Regards

Show replies
Show replies
Former Member
‎07-23-2014 11:48 AM
0 Kudos

Hi ,

Thanks for your reply.

Auditor demand to forbiden system accounts for interactive connection too, how to accomplish this ?

B.R

Hong

divyanshu_srivastava3
Active Contributor
‎07-23-2014 1:14 PM
0 Kudos

Hi Hong,

System accounts should point to system users. System users cannot work in GUI mode, they are used for background processing and communication within a system. If you have users performing these task, update their progile and make them system users.

Divyanshu

Ask a Question