Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

exception for login/password_expiration_time

Former Member

‎05-14-2007 1:51 AM

0 Kudos

Hi everybody,

We want to use login/password_expiration_time to enhance the security level of our system,but we just want it to work on the user type of diag,not communication and system type.Is there any method?

6 REPLIES 6

Former Member

‎05-14-2007 7:27 AM

0 Kudos

Hello,

You use the parameter login/password_expiration_time because you want users to change their password every xx days. However, you want it so that some users don't have to change their password. At database level (not in R/3), you can easily solve this problem: in the table USR02, just set a date far in the future for the field BCDA1 (password last change). For example, if you want to set it so user SMITH does not have to change his password until 2010, you can use the following SQL script : update USR02 set BCDA1 = '20101231' where BNAME='SMITH' Just replace the values for BCDA1 and BNAME with your own values ! This script is for MS SQL Server + R/3 46B and 46C, but the syntax should not be very different for other database systems and R/3 versions.

Thanks,

Dont forget for points

Message was edited by:

kamlesh kheradiya

Former Member

‎05-14-2007 4:39 PM

0 Kudos

Terry,

System parameter login/password_expiration_time, applies to dialog users only not for service and communication users. So if you set up a value for the parameter login/password_expiration_time, SAP will prompt dialog users only for changing their password.

Hope this helps, Award points for helpful answers,

Regards,

Naveen

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎05-20-2007 8:31 PM

0 Kudos

Sorry, that's wrong.

Only <b>system</b> and <b>service</b> users are excepted from the general obligation to change a password if it was set by the administrator (-> initial / reset password) or when regular password changes (-> login/password_expiration_time) are requested.

See: SAP note 622464

Former Member

‎05-15-2007 2:09 AM

0 Kudos

Thanks very much!

But as I know,the param login/password_expiration_time is only except for service user (rz11 para document),Do I make a mistake?

Former Member
In response to Former Member

‎05-15-2007 9:15 PM

0 Kudos

Terry,

I think only dialogue users are subject to password changes if you use that parameter (May be it is not clear for me too), look at this document for more info.

http://www.sapsecurityonline.com/r3_security/r3_security_user_type.htm

Reward points for helpful answers

Regards,

Naveen

Former Member

‎05-16-2007 6:19 AM

0 Kudos

Thanks very much!