05-14-2007 1:51 AM
Hi everybody,
We want to use login/password_expiration_time to enhance the security level of our system,but we just want it to work on the user type of diag,not communication and system type.Is there any method?
05-14-2007 7:27 AM
Hello,
You use the parameter login/password_expiration_time because you want users to change their password every xx days. However, you want it so that some users don't have to change their password. At database level (not in R/3), you can easily solve this problem: in the table USR02, just set a date far in the future for the field BCDA1 (password last change). For example, if you want to set it so user SMITH does not have to change his password until 2010, you can use the following SQL script : update USR02 set BCDA1 = '20101231' where BNAME='SMITH' Just replace the values for BCDA1 and BNAME with your own values ! This script is for MS SQL Server + R/3 46B and 46C, but the syntax should not be very different for other database systems and R/3 versions.
Thanks,
Dont forget for points
Message was edited by:
kamlesh kheradiya
05-14-2007 4:39 PM
Terry,
System parameter login/password_expiration_time, applies to dialog users only not for service and communication users. So if you set up a value for the parameter login/password_expiration_time, SAP will prompt dialog users only for changing their password.
Hope this helps, Award points for helpful answers,
Regards,
Naveen
05-20-2007 8:31 PM
Sorry, that's wrong.
Only <b>system</b> and <b>service</b> users are excepted from the general obligation to change a password if it was set by the administrator (-> initial / reset password) or when regular password changes (-> login/password_expiration_time) are requested.
See: SAP note 622464
05-15-2007 2:09 AM
Thanks very much!
But as I know,the param login/password_expiration_time is only except for service user (rz11 para document),Do I make a mistake?
05-15-2007 9:15 PM
Terry,
I think only dialogue users are subject to password changes if you use that parameter (May be it is not clear for me too), look at this document for more info.
http://www.sapsecurityonline.com/r3_security/r3_security_user_type.htm
Reward points for helpful answers
Regards,
Naveen
05-16-2007 6:19 AM