Question: We're looking to increase the controls of passwords eg to enforce 8 alpha numeric characters rather than 6+ any characters.
If anyone has tried this:
- how did you deal with users whose current password didn't meet the new criteria (eg have a 90 day moratorium to allow everyone to change once)
- did internal system passwords get affected
- anything else we should think about?
We won't get away with just issuing a dictat and switching things off
Answer:
Channging 6 -> 8 should have no other affect.
Default will make them change the password and ccomply with your rule WHEN they next have to CHANGE the password. I.e. is would only apply to Dialog users at next login after 90 days, all else remaining the same.
Depending on your release, more parameters can be chosen to force an even better password... (It hurt saying that... ) See the login/* params.
In higher releases of SAP, you can also activate the check against the current password even if still in the validity period, but SAP made a mess of it LONG before this was available so some tramendous surprises could be coming your way.
Tarr
Answer:
If you want to force all users to reset their password after you set the parameters and restart your system you will have to write a short ABAP to change the LTIME field in USR02 to 00:00:00. This will force them to change their password at the next logon.
DO note, changing the table directly does not create a change history record that you requested a forced change and in some relms considered inappropriate.
Answer:
John´s suggestion will force ALL users to reset their password, and at reset they will be required to enter a 8 character password. This will punish the innocent (even if a very light punishment).
A more corporal punishment could befall your communication users (if you are still using the type at all) when LTIME gets set to 0, depending on your release. Some of the symptoms are removed by changing the user type to system.
If you only want those who have a non-compliant password to have to reset it before the 90 days has expired, you have to use another way to determine at logon whether the valid password used is breaching a login/* param (e.g the length), and if so then call the new password routine which is hiding behind F5 instead of proceding further with the logon banana.
A tricky set of params with several dependencies could do it for you, but you will be better off (and save yourself a lot of head-ache) by waiting the 0 to 90 days to get the dialog users accross the border to safety while attending to other things.
For example, you could use the 0 to 90 days to (periodically) change the non-dialog users passwords or deactivate them because, contrary to popular belief, they too can logon to the system and a password is not required.
Tarr
Answer:
Thanks folks
Answer:
A password is not required by non-dialog users logging oin to the system? This is the biggest news since the original release of R/3. Fortunately it isn't true.
There may be stored passwords but there is always a password.
Answer:
A password is not required by non-dialog users logging oin to the system? This is the biggest news since the original release of R/3. Fortunately it isn't true.
There may be stored passwords but there is always a password.
Sorry, you are correct. It is not possible to log onto SAP without valid password dates.
Answer:
Strictly speaking there is always a password or credentials but credentials require a password somewhere in the scheme of things.
How to Earn Rs.25000 every month in internet without Investment?
Changing password standards
Labels:
Sap Basis Faqs
Subscribe to:
Post Comments (Atom)
topics
-
▼
2007
(1406)
-
▼
November
(1359)
- Free Download SAP FI Certification study pdf books
- Implementing SAP R/3 on OS/400
- Update SAP Kernel in UNIX based
- Security Audit Log (BC-SEC).pdf
- Security Audit Log.pdf
- Securities,pdf
- Secure Store & Forward / Digital Signatures (BC-SE...
- Secure Network Communications (BC-SEC-SNC)
- Free download use ful T-codes
- I did not find any OSS notes appropriate for my pr...
- How to apply OSS notes number?
- What is OSS Notes number?
- Where can i access SAP OSS?
- WHAT IS OSS
- Disaster Recovery Plan to Restore Production System
- Steps to Install SAP Note in sap
- Difference Between SAP Notes and Support Package
- Question : Subject : Support packages testing
- Five Different "User Type"
- How to solve the Time Zone Definition Problems?
- Setting the User Decimals Format
- Schedule Manager
- Various Important SAP Basis T-Code
- Trace Functions in sap
- System Trace: Error Analysis in sap
- System Trace(ST01) in sap
- Roles and Authorizations Used in Background Proces...
- Deleting Multiple Spool Requests Simultaneously in...
- Logging and Tracing in spool
- Print and Output Management in spool
- Background Job Monitoring Monitor in CCMS
- Monitoring the Database Using the Alert Monitor
- Monitoring the Operating System Using the Alert Mo...
- Monitoring Memory Management Using the Alert Monitor
- Method Dispatching Monitor in CCMS
- Remote Application Server Status Monitor in CCMS
- GRMG Self-Monitoring Monitor in CCMS
- CCMS Selfmonitoring Monitor for System-Wide Data i...
- Logfile Monitoring Monitor in CCMS
- Logon Load Balancing Monitor in CCMS
- Transaction-Specific Dialog Monitor in CCMS
- Workload Collector Monitor in CCMS
- System Errors Monitor in CCMS
- System Configuration Monitor in CCMS
- Syslog Monitor in CCMS
- Spool System Monitor in CCMS
- Security Monitor in CCMS
- Performance Overview Monitor in CCMS
- Operating System Monitor in CCMS
- Filesystems Monitor in CCMS
- Entire System Monitor in CCMS
- Monitoring the Enqueue Service in CCMS
- Dialog per Application Server Monitor in CCMS
- Dialog Overview Monitor in CCMS
- Database Monitor in CCMS
- Transactional RFC and Queued RFC Monitor in CCMS
- Communications Monitor in CCMS
- Buffers Monitor in CCMS
- Background Job Monitoring Monitor(CCMS)
- Background Processing Monitor(CCMS)
- Availability and Performance Overview Monitor (CCMS)
- SAP CCMS Monitor Templates Monitor Set
- Creating and Changing a Monitoring Pause(CCMS)
- Creating and Changing Monitoring Rules(CCMS)
- Configuring Availability Monitoring(CCMS)
- Update Repositories(CCMS)
- Displaying Central Performance History Reports(CCMS)
- Displaying Report Properties
- Scheduling and Executing a Report
- Variables in Group Names
- Creating a Report Definition(CCMS)
- Maintaining Collection and Reorganization Schemata...
- Maintaining Collection and Reorganization Schemata...
- Creating and Editing a Calendar Schema(CCMS)
- Creating and Editing a Day Schema
- Customizing the Alert Monitor(CCMS)
- Resetting MTEs and Alerts(CCMS)
- Reorganizing Completed Alerts(CCMS)
- Display Completed Alerts(CCMS)
- Automatically Complete Alerts(CCMS)
- Completing Alerts(CCMS)
- Starting Methods (CCMS)
- Processing Alerts(CCMS_
- Displaying the Technical View: Central Performance...
- Displaying the Technical View: Threshold Values(CCMS)
- Displaying the Technical View: Status Autoreaction...
- Displaying the Technical View: Status Data Collector
- Displaying the Technical View: Method Allocation
- Displaying the Technical View: Info on MTE
- Display Types and Views of the Alert Monitor(CCMS)
- Properties of Status Attributes (CCMS)
- Properties of Performance Attributes(CCMS)
- Properties of Log Attributes (CCMS)
- General Properties of Monitoring Tree Elements(CCMS)
- Properties of Monitoring Objects and Attributes
- Elements of the Alert Monitoring Tree
- Alert Monitoring Tree(CCMS)
- Monitors(CCMS)
- Monitor Sets (CCMS)
- Elements of the Alert Monitor (CCMS)
-
▼
November
(1359)
No comments:
Post a Comment