cancel
Showing results for 
Search instead for 
Did you mean: 

Fire fighter logon and rfc/reject_expired_passwd=1

jbm-sceis
Explorer
0 Kudos
810

We just implemented parameter rfc/reject_expired_passwd=1 on our ECC system, and now we are not able to logon with a FFID. We use ID based fire fighters. I know that GRC sets a new password each time you get a EAM session going, and the password shows as initial each time. Has anybody run into this issue before?

Regards,

James

Accepted Solutions (0)

Answers (1)

Answers (1)

jbm-sceis
Explorer
0 Kudos

Sorry, I'm answering my own question. Note 1702439 says you have to be a Service user in the plug-in. Now that I think of it, we used to have these FFIDs as service users, but then switched to Dialog due to a security recommendation we got from someone. Service users never have their passwords expire - somewhat of a security risk, but since GRC changes the password at each logon I think we can exempt FFIDs from that practice of no Service type users.

Aren't Mondays great?

Best Regards,

James