cancel
Showing results for 
Search instead for 
Did you mean: 

Enterprise Portal - user ID locking after 70 days

Former Member
0 Kudos

Hello,

Forgive me as I'm new to Enterprise Portal, but we currently are using an E Portal which allows use to connect to different applications, including SRM. One of the issues we are having is after 60 days, a user needs to change their password in our system.... However, after 70 days if they havent changed it yet, it completely locks the user out, and they have to call our help desk and go through process to unlock...

Is there a standard approach in which we can prevent the user ID from locking, or at least increase the amount of time it takes? The business wants to go a route with creating a customization to email users after 60 days, but I dont feel thats the best approach as it doesnt really fix the issue...

Thanks

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Thanks for replies.....ill check out thos approaches.

However what about the true issue of a user id getting locked after a certain about of days of not changing their password?  Is there a way to keep the 60 days until a user needs to change their password and just not have their id lock after 70 days if they haven't logged on to change it?

Former Member
0 Kudos

Hi James,

Using Visual Administrator(VA) or Config Tool you can set the UME properties very easily. If you have VA, you can set this yourself else please touch base with the BASIS person or whoever is the adminstrator for the same.

I think setting the value for UME property "ume.logon.security_policy.password_max_idle_time" whis is described in the above link which Mahesh has shared would resolve your issue.

Regards,

Jakes.

Former Member
0 Kudos

I just want to add one more thing here to Arun's reply, that this property can also be handled from Portal administration and its no where dependent on VA or Config tool. However I am not very sure if the change in that property would help achieve the goal.

Navigate to Content Admin > Portal Content > Content Provided By SAP > Admin Interfaces > Admin iView Templates > UM Configuration. Preview this iView and find the property under Direct Editing tab.

Regards,

Atul

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Farmer,

1. There is property in UME Security policy allow user to change their own passwords.

If this property is checked, after password is expired and user tries to login into portal it will ask user to change the password.

2. Enable Forgot Password link on logon page.

3. You can show a message box, as the user logins into portal if his password is going expire in 5 days.

Thanks,

Santosh

Former Member
0 Kudos

Is there a setting in place which will NOT lock the user ID if he hasn't logged in after a certain amount of time? The issue isnt he has to change his password, the issue is they get locked out if they dont change it within x amount of days...

Thanks

dao_ha
Active Contributor
0 Kudos

Hi James,

What's the datasource of your UME? If it's LDAP, it could be that users must change their passwords within a grace period after the password expiration. Which looks like your case with a grace period of 10 days. If your datasource is UME database, I don't think you can delay changing your password in SAP 🙂

In SAP, the property ume.logon.security_policy.password_max_idle_time (default value is 0) means the no. of days after the last successful logon. If I understand correctly, in your case, users would be locked out if they don't change their passwords after the expiration even if they logged on successfully the previous day. Btw, this property can be access in portal via System Administration -> System Configuration -> UME Configuration -> Security Policy tab -> Password Max Idle Time.

In any case, this is a standard security practice to remind users that they must change their passwords (according to the company's security policy).

Hope it helps.

Dao

MaheshChandra
Active Contributor
0 Kudos

Hi james,

there is a standard approach for maintain number of days for resetting password. (more or less to 60 days). After 60 days when user logins with old details it asks for changing password. There is no standard method for sending a mail before expiration day (as of i know).

Verify this help for UME properties in portal:

http://help.sap.com/saphelp_nw70/helpdata/en/b5/16c43bdd3da244a1d3372a77b5f83f/content.htm

regards,

mahesh