11-26-2014 4:06 PM
We are about to update our password parameters in EEC6 to enable 'stronger' passwords. The issue that I have is for our users classed as user type communication and how these will be affected, if at all. I can see that there is a definition of interactive or non interactive communication users and all of ours seem to be in the non interactive class, the question is even though they are non interactive will the password parameter changes mean that an initial password will still be required
thanks
11-26-2014 9:56 PM
Slightly off topic but the new releases support security policies that allows you to assign different password rules to different groups of users.
Cheers
11-26-2014 6:12 PM
Hi
There are two kinds of non interactive users: Communication & System (see note 622464 - Change: Password change req. entry for "SYSTEM" user type).
System type users cannot change password thus it should not be affected.
Also make sure to set parameter login/password_compliance_to_current_policy to 1 (862989 - New password rules as of SAP NetWeaver 2004s (NW ABAP 7.0))
I've done a quick test and in fact system type users with non compliant password are not affected by password rules changes, even if login/password_compliance_to_current_policy is set to 1.
Regards
11-26-2014 6:37 PM
Debbie,
We converted most of our Communication users to System users when we updated our complexity and password expiration policies a few years ago for this very reason. It worked very well.
Regards,
Matt
11-27-2014 9:10 AM
Matt,
Thank for the reply, we did think of this solution so may be implementing it, but it is always useful to collect the knowledge and experience of other users.
Regards
11-26-2014 9:56 PM
Slightly off topic but the new releases support security policies that allows you to assign different password rules to different groups of users.
Cheers