You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have moved to SAP Rise but have had an exception on the additional RZ11 Parameter security improvements, e.g. longer and complexer passwords. This exception will soon drop and we will introduce the new parameter changes, but we want to see if it is possible to identify the impact on the users in advance, e.g. x amount of users will get a popup asking to enter a new longer password. I wanted to check if you are aware what is possible to check this in advance? We have a history of wrong user types for different purposes, increasing the reason to check this in advance.
For example, is there a way to report on the logic SAP themselves apply?
The behavior we have been able to document is as follows:
Communication user will always be initial password, as we don’t see a way to set the final password as sap logon is not possible. Thinking of Rise ECS we know there is a parameter saying initial password expire after 7 days, then there is a parameter stating RFC's will be rejected with initial passwords
Reference user will always be initial password, but as these are not real users and no logon is possible, no changes expected due to Rise ECS move
System user and Service user will always be productive password, no changes expected due to Rise ECS move. (Note the behavior does change)
Dialog user can either be initial password or productive password, the behavior we expect:
-- Dialog user with initial password has 7 days to change its initial password in compliance with new policies, or will be locked
-- Dialog user with an old strength productive password set newer then 90 days, no request made to reset password with new policies
-- Dialog user with an old productive password older than 90 days, password will need to be reset with new policies
-- Dialog user with an new strength compliant productive password set newer then 90 days, no request made to reset password
-- Dialog user with an new strength compliant productive password older than 90 days, password will need to be reset again with new policies
Many thanks,
Wouter
The text was updated successfully, but these errors were encountered:
Hello,
We have moved to SAP Rise but have had an exception on the additional RZ11 Parameter security improvements, e.g. longer and complexer passwords. This exception will soon drop and we will introduce the new parameter changes, but we want to see if it is possible to identify the impact on the users in advance, e.g. x amount of users will get a popup asking to enter a new longer password. I wanted to check if you are aware what is possible to check this in advance? We have a history of wrong user types for different purposes, increasing the reason to check this in advance.
For example, is there a way to report on the logic SAP themselves apply?
The behavior we have been able to document is as follows:
-- Dialog user with initial password has 7 days to change its initial password in compliance with new policies, or will be locked
-- Dialog user with an old strength productive password set newer then 90 days, no request made to reset password with new policies
-- Dialog user with an old productive password older than 90 days, password will need to be reset with new policies
-- Dialog user with an new strength compliant productive password set newer then 90 days, no request made to reset password
-- Dialog user with an new strength compliant productive password older than 90 days, password will need to be reset again with new policies
Many thanks,
Wouter
The text was updated successfully, but these errors were encountered: