cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OS level password requirements

vince_laurent
Active Participant

on ‎12-01-2015 8:14 PM

0 Kudos

Our auditors would like SIDadm and oraSID to have the same rules for passwords that the rest of the company does.  Required password complexity, no password reuse, required password change every 180 days, and lock out after 3 failed attempts. 

I am OK with the first two but  I think the last two might cause some problems ESPECIALLY the lock out one.

I can find docs on SCN related to database security (we run Oracle) but can't seem to locate the same for the OS.

We are currently on HP-UX 11.31 and AIX 7.1.  The HP-UX systems are not trusted systems.  There is an in place with AIX systems integration with Microsoft AD but since the SIDadm and oraSID users don't have an AD account they are managed by 'local' rules.

Any help would be greatly appreciated!

Vince

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

isaias_freitas
Advisor
Advisor
‎12-02-2015 7:36 PM
0 Kudos

Hello Vince,

As far as I know, SAP lets customers have their own OS level password policies. Therefore not providing any suggestions on "elaborate policies".

You can check the Installation Guides, as they could have some observations about the SIDadm password.

For example, using special characters (like "@" or "-") could cause issues with OS level tasks (which are also carried out by upgrade processes).

Regards,

Isaías

Show replies
Show replies
vince_laurent
Active Participant
‎12-02-2015 7:44 PM
0 Kudos

So what happens if the SIDadm or oraSID account are locked to due anything?  What would happen to the SAP system?

isaias_freitas
Advisor
Advisor
‎12-02-2015 7:56 PM
0 Kudos

I don't work with Oracle, so don't know what could happen if oraSID is locked.

About SAP, I believe nothing would happen if SAP was already up and running.

At least I cannot think of anything, now.

Just the same OS level tasks could fail, of course.

Such tasks would be related to the "sapcontrol" command, which is an interface to communicate with the sapstartsrv process in order to perform different operations (start SAP, stop SAP, get runtime information, ...).

Ask a Question