06-27-2007 8:43 PM
When using SSO2 tickets to authenticate to portal, or BSP apps, or any app on SAP NetWeaver that supports Web browser, if the user in the user store has a password, this password expires.
What is the recommended way to stop the password of the user expiring.
I know that with SAP GUI, we can logon using SNC and the first login will deactivate the users password in SAP user store. I am therefore interested to know how we can do same if user does not logon via SAP GUI, e.g. they may just be using the portal.
Of course, we can manually go to every user account and deactivate the password, or change the password expiry duration period, but I was wondering if there is a better way, like the method used with SAP GUI - e.g. have the users password deactivated when they first logon via browser.
Thanks,
Tim
07-02-2007 1:18 PM
Have a kind look on <a href="https://service.sap.com/sap/support/notes/869218">SAP Note 869218</a> where this issue is addressed.
Regards, Wolfgang
07-01-2007 8:23 PM
Hi,
I noticed nobody has responded to my question yet ... Does this mean that, what I am trying to do is not possible ? Or, perhaps my question is not clear ?
Thanks
Tim
07-02-2007 1:18 PM
Have a kind look on <a href="https://service.sap.com/sap/support/notes/869218">SAP Note 869218</a> where this issue is addressed.
Regards, Wolfgang
07-02-2007 1:26 PM
Wolfgang,
Thank you. This is just what I was looking for, and solves the problem. I will award max points to you for your help.
I don't know why I couldn't find it myself when I looked -maybe I didn't use correct keywords when searching service marketplace !
Take care,
Tim
07-02-2007 1:57 PM
Well, let me know which keywords you have used to find the note.
Maybe we should add it to the note (to make it easier to find it).
Cheers, Wolfgang (note author ...)
07-02-2007 3:26 PM
Wolfgang,
I believe I used something like "password expired browser sso2"
Thanks,
Tim
07-02-2007 3:36 PM
Hmm - that's not the best choice, actually.
But I consider to add "SSO2" as additional keyword.
"expired password" and "SSO" / "Single Sign-On" are already part of the textual description and should therefore be found as keywords. Same as "SAP logon tickets".
"browser", however, is not a good keyword - it's not very significant / specific, enough.
Cheers, Wolfgang
07-02-2007 4:23 PM
Wolfgang,
From my perspective, I knew how to make this work with SAP GUI and SNC, but wasn't sure how to get the same functionality when using a web browser with SSO2 tickets. This is why I used the "browser" keyword. Also, from the documentation I could see that login_change_password_for_SSO was for SAP GUI only, but didn't think that there might be a patch to change this - now the patch is available, perhaps the doc should be updated on SAP help library, so that this SAP note is mentioned ?
I think it would be good to add "sso2" as a valid keyword.
I am pleased to be able to help others to find this SAP note in future - this is a useful and important feature to facilitate SSO deployment.
Thanks again,
Tim
07-03-2007 4:10 PM
Added keywords "SSO2" and "MYSAPSSO2" to <a href="https://service.sap.com/sap/support/notes/869218">SAP Note 869218</a>.
Cheers, Wolfgang