on 2022 May 26 5:30 PM
Hi All,
Could you please advise if there is anyway to stop auto password reset for FFIDs by firefighter application logic for each login ?
Since the SSO is not supporting for FFID through Edge. we are looking for alternatives for web based/Fiori applications through FFID
I have referred other thread, but did not find the suitable solution.
FireFighter ID | SAP Community
Thank you.
Aravind.
Request clarification before answering.
Dear Aravind,
you can set up to use Trusted connection for a particular connector. In that case the Firefighter logon will not use
passwords, hence it will not change the password for every logon.
For Web based UIs (except HANA), you should use Web Based firefighter.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Aravind,
If you are using SAP GRC Access Control solution for FFID provisioning, you should not be providing passwords to end users, nor having to reset them. Your Firefighter IDs should be set as 'Service' User Type, to avoid issues with password policies.
Hope that helps.
Regards.
Pau
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Pau,
Agree with you. Sorry i did not mention about the version, its SAP GRC 12.0.
And we should have restricted the FFIDs to login directly.
However, since the requirement is to use FFIDs even to check Fiori/Web applications also and Edge is not supporting SSO through FF session like how we did easily with IE, that's where users entering password. I even checked with SAP GUI 7.70 switching browser, but did not work.
And its service user only. But once the session is completed, the password resets automatically.
Thank you,
Aravind.
Hi Aravind,
Check this blog post: https://blogs.sap.com/2014/03/24/emergency-access-management-eam-for-webdynpro-applications-or-web-b...
The problem seems to be that SSO is not compatible with Service users. I would recommend to set them as Dialog users, and create a User Policy for them: https://blogs.sap.com/2013/01/04/sap-security-policies-group-policies/
Regards,
Pau
User | Count |
---|---|
7 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.