07-02-2008 7:50 AM
Hello,
Even after I reset the password of a particular user, the User gets this error - Initial Password has expired(create new one)
while logging in.
Kindly help.
07-02-2008 7:56 AM
Hi,
Please try going in SU01->Logon Tab then give the password
hope this helps
07-02-2008 8:03 AM
The thing is I am doing mass password change using LSMW, so I am using the Change Password(Shift+F8) button on the initial SU01 screen only.
But I can't think of any reason why this should not work and changing it through the Logon Data tab should.
Please explain.
07-02-2008 8:16 AM
This sounds like normal behaviour; you reset the password of the user, but the user still has to change it upon logging in.
If an admin resets a user's password via SU01, that user will always have to change the password when logging in, as long as the user type is Dialog. SAP is designed to work this way; it's not an error...
07-02-2008 8:23 AM
I agree with Trond.
The reason why the system is throwing this message at the user, is most likely because the value of param login/password_max_idle_initial has been exceeded between the date of the reset and the current date when the user uses the password for the first time.
07-02-2008 8:38 AM
Yeah, but in spite of that, when I(system admin) is resetting it, irrespective of the value of 'login/password_max_idle_initial', teh user should be able to login using the new initial password.
Is this a bug of some kind?
07-02-2008 8:42 AM
> Yeah, but in spite of that, when I(system admin) is resetting it, irrespective of the value of 'login/password_max_idle_initial', teh user should be able to login using the new initial password.
No, it is not "in spite of" or "irrespective". If login/password_max_idle_initial is set to '1' for example and the dialog user takes more than 1 day to logon for the first time, the password based authentication is not permitted => Initial password has expired (create new one).
07-02-2008 9:22 AM
login/password_max_idle_initial = 90
login/password_max_idle_productive = 90
07-02-2008 10:09 AM
Hi
login/password_max_idle_initial = 90 {Intial password created by Administrator remains valid for 90 days if it is not used. }
login/password_max_idle_productive = 90 { Password created by user ramains valid for 90 days if not used}
07-02-2008 10:22 AM
>
> login/password_max_idle_initial = 90
> login/password_max_idle_productive = 90
Hmmm... then I'm wrong, or the message text being thrown by the system is not accurate about the reason for the incomplete password logon.
Does this happen to all users for whom you reset the password in SU01?
Do you use any CUA or passwordless authentication (Single-Sign-On, etc) in the system? (the password might infact by deactivated... check USR02-CODVN field if there is an 'X' in it for these users).
Other than that I am out of ideas, and the best way is probably to open a customer message with SAP and ask them to take a look (or they know of an already existing correction SAP note).
Cheers,
Julius
07-02-2008 10:43 AM
Hi Deepak,
please check SAP note # 1026425 .
Try another initial password than you 'usually' use as initial password
b.rgds, bernhard
07-02-2008 11:02 AM
So the error message is slightly inaccurate. No wonder basis people always claim they cannot work without SAP_ALL...
PS: See the English translation.
@ Gaudam: If you set an initial password using the "wizard" and it works, then Bernhard is correct.
07-02-2008 11:24 AM
sh....ooot.
you are right.
The english version of that note is not correct...
The message number should be 00 182 instead of 01 182. Then the english translation will be correct... I'll trigger the correction... ;-(
update:
DE version is corrected already, translation to EN should be finishe within the next 2 days...
Edited by: Bernhard Hochreiter on Jul 2, 2008 1:39 PM
07-02-2008 1:16 PM
Thanks
@ Gautam: Does that answer your question now and solve the problem?
07-02-2008 3:19 PM
Unfortunately, it doesn't.
2 problems:
1. The error we get is "Initial Password has expired(create new one)" and not the one mentioned in the note #1026425
2. We have Basis Release 7.00 and I don't understand how 'login/password_max_idle_initial = 90' is the reason for my problem
Could you please explain how this parameter is affecting the Password Reset
Thanks a bunch in advance.
07-02-2008 3:24 PM
Hi Gautam,
See above => the note is going to change in the next two days.
Could the user logon if you reset the password using the wizard, or not?
Cheers,
Julius
07-09-2008 5:26 AM
07-09-2008 9:41 AM
Hi Gautam,
Thanks for following up on your threads.
So, did choosing a different password solve the problem?
Cheers,
Julius
07-09-2008 9:56 AM
Yes, I assigned a new(different) initial password and no more errors since.