cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PI standard users password management

Former Member

on ‎02-14-2008 6:15 AM

0 Kudos

Hi Experts,

What is the best practice for password management of PI standard users? Shall all the users be given the same password at the time of installations? What are the implications of changing the passwords at a later stage, specially of the PISUPER user which has to be reflected in the Java stack also.

Thanks & Regards,

Shobhit

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎02-14-2008 6:30 AM
0 Kudos

Hi,

Its always preferable to follow the same password as below instead of changing it. it may lead to abrrupt behaviour. I am not sure.

Probably below links will help you

The XISUPER user has a pwd of XIPASS.

The following service users are created during the installation, and the passwords are specified at that time. You should check with the basis people.

XIREPUSER - User for the Integration Repository

XIDIRUSER - User for the Integration Directory

XIAPPLUSER - User for sender applications

XIRWBUSER - User for the Runtime Workbench

XILDUSER - User for the System Landscape Directory

XIISUSER - User for the Integration Server

XIAFUSER - User for the Adapter Engine (communication between SLD, Integration Server, and Adapter Framework)

LSADMIN - User for the Change Management Server

http://help.sap.com/saphelp_nw04/helpdata/en/f4/67b340be3dff5fe10000000a155106/frameset.htm

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/14a57f2a-0a01-0010-08bb-8cd5bb90...

Thanks

Swarup

Show replies
Show replies
Former Member
‎02-14-2008 9:15 AM
0 Kudos

Hi Swarup,

Could you also tell me what roles should be assigned to PI developers and PI administrators respectively so that the dependency on these standard users is not there to to development and configuration activities.

I understand that for some specific tasks, these standard users are required as these are service users. But in case the customer is not willing to share the password of these standard service users, can some roles be assigned to the XI developers so that they can work on IR and ID; and to XI administrators so that they can work on IR, ID, RWD and SLD all with the same password.

Thanks & Regards,

Shobhit

Former Member
‎02-14-2008 9:21 AM
0 Kudos

Hi Swarup,

Please have a look at the different roles which can be given to users.

below link will list all the roles and the affect of that roles in terms of IR,ID,RWB etc.

http://www.erpgenie.com/sap/netweaver/xi/xiauthorizations.htm

In project:

Deveopler is given the developer rights only. Rights for creating SWCV,namespace,SLD,Alert rule,transaction rights on certain transaction is given to Basis people and they are responsible for performing the above tasks.

If customer is not willing to give password of service user then sometime Basis people assign the rights which is required for certain activities through SU01 transaction to Basis user.

Thnx

Chirag

Former Member
‎02-14-2008 9:36 AM
0 Kudos

HI

You need below Roles, even the above link will be also helpful,

SAP XI Developer

SAP_XI_DEVELOPER

SAP_XI_DEVELOPER_ABAP

SAP_XI_DEVELOPER_J2EE

SAP_SLD_DEVELOPER

SAP_XI_DEMOAPP

SAP XI Configurator

SAP_XI_CONFIGURATOR

SAP_XI_CONFIGURATOR_ABAP

SAP_XI_CONFIGURATOR_J2EE

SAP_SLD_CONFIGURATOR

SAP_XI_BPE_CONFIGURATOR_ABAP

SAP_XI_DEMOAPP

SAP DISPLAY roles

SAP_XI_DISPLAY_USER

SAP_XI_DISPLAY_USER_ABAP

SAP_XI_DISPLAY_USER_J2EE

SAP_SLD_GUEST

SAP Monitoring roles

SAP_XI_MONITOR

SAP_XI_MONITOR_ABAP

SAP_XI_MONITOR_J2EE

SAP_XI_BPE_MONITOR_ABAP

SAP_XI_DEMOAPP

SAP_SLD_GUEST

The Above Roles are must for Technical User for Developement and Monitoring. The Administrator needs below roles in addition to above roles*

SAP XI ADMINISTRATOR

SAP_XI_ADMINISTRATOR

SAP_ALM_ADMINISTRATOR

SAP_SLD_ADMINISTRATOR

SAP_XI_ADMINISTRATOR_ABAP

SAP_XI_ADMINISTRATOR_J2EE

SAP_XI_BPE_ADMINISTRATOR_ABAP

SAP_ALM_CUSTOMIZER

SAP_XI_DEMOAPP

Thanks

Swarup

prateek
Active Contributor
‎02-14-2008 10:18 AM
0 Kudos

All the service user passwords can be same or different. But using different passwords obviously enhances the security.

What are the implications of changing the passwords at a later stage, specially of the PISUPER user which has to be reflected in the Java stack also.

No implications if the passwords are changed properly using SAP Note 721548

But in case the customer is not willing to share the password of these standard service users, can some roles be assigned to the XI developers so that they can work on IR and ID;

Yes sure. From su01, the client can be requested to assign any specific required role to ur developers user

Regards,

Prateek

Ask a Question