Error : Initial Password has expired(create new on...

former_member759680 · ‎07-02-2008

Hello,

Even after I reset the password of a particular user, the User gets this error - Initial Password has expired(create new one)

while logging in.

Kindly help.

Former Member · ‎07-02-2008

Hi,

Please try going in SU01->Logon Tab then give the password

hope this helps

former_member759680 · ‎07-02-2008

The thing is I am doing mass password change using LSMW, so I am using the Change Password(Shift+F8) button on the initial SU01 screen only.

But I can't think of any reason why this should not work and changing it through the Logon Data tab should.

Please explain.

Former Member · ‎07-02-2008

This sounds like normal behaviour; you reset the password of the user, but the user still has to change it upon logging in.

If an admin resets a user's password via SU01, that user will always have to change the password when logging in, as long as the user type is Dialog. SAP is designed to work this way; it's not an error...

Former Member · ‎07-02-2008

I agree with Trond.

The reason why the system is throwing this message at the user, is most likely because the value of param login/password_max_idle_initial has been exceeded between the date of the reset and the current date when the user uses the password for the first time.

former_member759680 · ‎07-02-2008

Yeah, but in spite of that, when I(system admin) is resetting it, irrespective of the value of 'login/password_max_idle_initial', teh user should be able to login using the new initial password.

Is this a bug of some kind?

Former Member · ‎07-02-2008

> Yeah, but in spite of that, when I(system admin) is resetting it, irrespective of the value of 'login/password_max_idle_initial', teh user should be able to login using the new initial password.

No, it is not "in spite of" or "irrespective". If login/password_max_idle_initial is set to '1' for example and the dialog user takes more than 1 day to logon for the first time, the password based authentication is not permitted => Initial password has expired (create new one).

former_member759680 · ‎07-02-2008

login/password_max_idle_initial = 90

login/password_max_idle_productive = 90

Former Member · ‎07-02-2008

Hi

login/password_max_idle_initial = 90 {Intial password created by Administrator remains valid for 90 days if it is not used. }

login/password_max_idle_productive = 90 { Password created by user ramains valid for 90 days if not used}

Former Member · ‎07-02-2008

>


> login/password_max_idle_initial = 90
> login/password_max_idle_productive  = 90

Hmmm... then I'm wrong, or the message text being thrown by the system is not accurate about the reason for the incomplete password logon.

Does this happen to all users for whom you reset the password in SU01?

Do you use any CUA or passwordless authentication (Single-Sign-On, etc) in the system? (the password might infact by deactivated... check USR02-CODVN field if there is an 'X' in it for these users).

Other than that I am out of ideas, and the best way is probably to open a customer message with SAP and ask them to take a look (or they know of an already existing correction SAP note).

Cheers,

Julius

Bernhard_SAP · ‎07-02-2008

Hi Deepak,

please check SAP note # 1026425 .

Try another initial password than you 'usually' use as initial password

b.rgds, bernhard

Former Member · ‎07-02-2008

So the error message is slightly inaccurate. No wonder basis people always claim they cannot work without SAP_ALL...

PS: See the English translation.

@ Gaudam: If you set an initial password using the "wizard" and it works, then Bernhard is correct.

Bernhard_SAP · ‎07-02-2008

sh....ooot.

you are right.

The english version of that note is not correct...

The message number should be 00 182 instead of 01 182. Then the english translation will be correct... I'll trigger the correction... ;-(

update:

DE version is corrected already, translation to EN should be finishe within the next 2 days...

Edited by: Bernhard Hochreiter on Jul 2, 2008 1:39 PM

Former Member · ‎07-02-2008

Thanks

@ Gautam: Does that answer your question now and solve the problem?

former_member759680 · ‎07-02-2008

Unfortunately, it doesn't.

2 problems:

1. The error we get is "Initial Password has expired(create new one)" and not the one mentioned in the note #1026425

2. We have Basis Release 7.00 and I don't understand how 'login/password_max_idle_initial = 90' is the reason for my problem

Could you please explain how this parameter is affecting the Password Reset

Thanks a bunch in advance.

Former Member · ‎07-02-2008

Hi Gautam,

See above => the note is going to change in the next two days.

Could the user logon if you reset the password using the wizard, or not?

Cheers,

Julius

former_member759680 · ‎07-09-2008

Thanks everyone

Former Member · ‎07-09-2008

Hi Gautam,

Thanks for following up on your threads.

So, did choosing a different password solve the problem?

Cheers,

Julius

former_member759680 · ‎07-09-2008

Yes, I assigned a new(different) initial password and no more errors since.

Error : Initial Password has expired(create new one)