Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can we bypass password change after LDAP authentication for first time user

Former Member

‎01-18-2008 2:39 PM

0 Kudos

Hi,

We had SAP J2EE 640 installed with ABAP user management as the data source.

Currently, I am looking into how to enable LDAP authentication with our company LDAP server. I implement external authentication through LDAP for our web dynpro applications, however run into an issue. That is after the user is successfully authenticated through our company LDAP, system automatically prompts the user to change password. Is it possible to avoid first time SAP user to change their password? Since the user might already been prompted to change their password through other non-SAP application, I don't want to prompt them to change the password again.

Your replies are appriciated.

Ling

3 REPLIES 3

Former Member

‎01-19-2008 10:41 PM

0 Kudos

Hello Ling,

By LDAP and first time SAP user, can we assume you are "self_registering" the ABAP user?

Do you deactivate the password at registration of the user ID?

There have been some threads already on related topics. Try a search for "deactivate".

If my assumption is wrong, please clarify.

Kind regards,

Julius

Former Member

‎01-22-2008 8:32 PM

0 Kudos

Hi Julius,

Thanks for your reply. To clarify my question, we did not have "self-registering" turned on. Please see following steps for the scenario:

1) User was defined in company LDAP server. The LDAP is used by SAP as well as non-SAP application throught the corporation.

2) User requests for access of SAP J2EE application.

3) Since we use ABAP as user store, SAP user administrator creates an account for user with a dummy password in SU01 and defines user authorization.

4) User logins to SAP J2EE application with LDAP password. System authenticates through LDAP by utilizing JAAS mechanism. User passes authentication.

5) System prompts user to change password.

I deactivate the password in SU01. It does not help. I change ume.logon.security_policy.password_change_required to false. It does not help. Is there a way to pass changing password?

Thanks,

Ling

Former Member
In response to Former Member

‎01-22-2008 9:34 PM

0 Kudos

Hello Ling,

Recently, there was a discussion on a similar topic to your # 5.

See :

What are your system parameters for rejecting (logons with) "expired" passwords?

Kind regards,

Julius