Changing initial password on CompanyPortal

Similar Messages

• Prompt to change initial password

  Do you know if it is possible to have a prompt to change initial password on GDS console login?
  How can it be implemented?
  Thank you

  Hi,
  I think,  it is possible to prompt User to change initial password on login.
  Please go through [this link|http://help.sap.com/saphelp_gds20/helpdata/EN/45/1104685aa66cbfe10000000a114a6b/frameset.htm] for more details about User Management in GDS (in the "adding a new User" Section it is clearly mentioned that new user is required to change the password at first login. )
  Hope this helps.
  Regards,
  Shiv

• SAP  Portal  unable to recognize  AD requirement to change initial password

  Hi,
  We configured Active Directory server (2008 R2) as UME for SAP Portal (Netweaver 7.01  SP7).  We matched as many of the security parameters as possible* (ex.  minimum password length, require one number in password, etc.).  The AD parameter "User must change password at Next logon" is set ON.  However, upon attempt to login to SAP Portal with the initial password that was set in AD we are not prompted to change the password.  Rather, the SAP Portal logon attempt fails with message:  "Authentication Denied"
  Has anyone dealt with this problem before?
  Other information: 
  *Our MarketPlace researched indicated that the SAP Portal parameter "ume.ldap.security_policy.password_change_required" (which would correspond to the AD parameter mentioned above) is no longer an available parameter for our SAP Portal version (Netweaver 7.01  SP7).
  In our version of SAP Portal, the AD parameter "User must change password at Next logon" has one parameter which is similar, but does not directly correspond.  The SAP Portal parameter which we do have is "No password change required".  Notice this is the logical opposite of the AD parameter:  AD says to require the password, whereas SAP Portal says it's NOT required.  Therefore, when the AD parameter is set to ON, this results in the Portal parameter being set to OFF.  Even still, we face the login failure.

  You have to note here that implementing SAP IDM is only ONE of the possible options you have. The implementation of IDM in itself is a huge undertaking because of the number of systems and the decision making process involved with it.
  In one of my previous implementations, when SAP IDM was not around, we had Tivoli Access Management tools which took care of the password problems.
  even though we implement IDM and deploy IDM UI on Portal , still user should change password before it expires on AD right ?
  Even with IDM in place, user will not be able to login to SAP portal with an expired AD password. However, in our case, we provide a link on the logon page of SAP portal to the IDM password self service application which will allow the user to change the password.
  Does IDM has any feature like sending notifications before password expiration period ?
  I don't think it does - however I have not explored this option in IDM since most of our users do not have email addresses and we cannot send a reminder. You should be able to create a task (with some customization) in IDM to achieve this.
  Also will the IDM implementation help us in creating users with option "User should change password at next logon" on AD ?
  Yes - IDM does create users with option "User should change password at next logon" in AD.
  With IDM in place and tied to AD, it should be the central place of creating users. It is recommended NOT to create or manipulate the users in any target systems (SAP, AD, etc). IDM should be taking care of all the user provisioning activities.
  is this like a work around to allow users to change password from Portal before it gets expired on Active Directory(AD) ?
  This is not a work around - it is rather a full blown identity management solution for all your company needs.
  You will get a lot of your IDM specific questions answered in the Identity Management forum.
  Thanks,
  Shanti

• CUA environment - changing the initial password of a user.

  Hi Gurus,
  I've encounter a perculiar issue when I assign an initial password to a user.
  My system setup is based on CUA where my Central admin is client 100, with child client 200.
  - I create an ID in client 100, set it to system 200, set initial password as "passW0rd". Save
  - The ID was created in 200
  - Logged in Client 100 using ID and "passW0rd", prompted for new password (i canceled the login)
  - When back to client 100 CUA, in SU01 I select ID and click "EDIT", under the logon data I retype the initial password to "P4ssword"
  - checked SCUL, it's green and user change
  - Logged in Client 100 using ID and "P4ssword", error in password
  - tried the old "passW0rd", prompted for new password.
  I puzzled why the CUA did not redistribute the changed initial password to client 200, another can any ideas?
  I also tried SU01 and click "reset password" button instead of "edit", the changed password was able to distributed to client 200.
  By password change is ok this way or not ok if change within edit mode?
  Thanks,
  Jansen

  Hi Sergo, 
  Yes I realise the "change password" works but for my case I cannot use that function. Any other suggestions. Cos by right even if I were to change in the logon data it should work right?
  Hi Juan,
  Yes I've checked, the IDOCs are in and successful.

• SAP ABAP/BOBJ Infoview initial password change

  Hi all,
  We are using BOBJ Crystal Repors and BI for reporting. All authentication and data security is working great including user/role sync from ABAP stack.
  My problem is as follows - Say I reset the initial password in the ABAP side for a user id. I log into BOBJ Infoview and the new inital password syncs as expected. However.....the infoview does not promt for the user to change the initial password as the ABAP side or portal would. Now the user maintains the initial password the admin set. Again, our portal or ABAP system forces the user to change the initial password but I can't seem to have the infoview do the same.
  Any guidance would be greatly appreciated.
  Thanks!
  SAP BI - Netweaver 2004 S
  BOBJ Enterprise XI 3.1 
  SAP Integration Kit
  Crystal 2008 (12.2.0.29)

  I believe this note pertains to your issue:
  1319430 - SAP Users not prompted to change their passwords    
  Version   1     Validity: 03/18/2009 - active   
  Language   English 
  Edit Show change log 
  Content:    Summary   |   Header Data   |   References   |   Product
  Symptom
  When the SAP system has a new user set to change their password on the initial login and the user attempts to log into Infoview using the SAP integration kit the user is not prompted to change their password.
  Reproducing the Issue
  When SAP system has a new user set to change password on initial login and user attempts to log into Infoview using SAP integration kit the user is not prompted to change password.
  Cause
  This occurs because, as with other 3rd party integration solutions, we do not write to the authentication system but only read the information that is there. Thus we are unable to "CHANGE" an SAP password.
  Resolution
  Have a new user access the SAP GUI or another SAP utility before accessing InfoView for the first time.
  Keywords
  SAP PASSWORD RESET NEW USER

• Initial password change requested with SSO

  Hi all,
  we have well working SSO with EP6 SP2 and standalone ITS. SSO is based on SAP logon ticket. Only one annoying thing appears.
  If a new user is created in SAP R/3, ITS asks for changing of password.
  Does it mean that the user must initially (and later again according to password policy) change the password although we do not use direct access to R/3? If no password change should be required with SSO, how to solve this issue?
  EP6 SP2 P4 HF8
  ITS 6.2 PL14
  R/3 4.7
  Thanks in advance for any good idea.
  Pavol

  Hello,
  We are on a very similar setup as above:
  EP 6.0 SP12 with ITS.
  What we are seeing is that the initial password dialog comes up but there is only the input fields but no "Submit" or "Change" buttons. In summary, new users are not able to change their password through the Portal.
  Any ideas why this might be happening?
  Thanks,
  Siva.

• Problems in Changing LDAP (AD) Initial Password from Portal

  Hello ,
  We are using EP 7.01 SP 05 with Microsoft AD as our user data store (flat structure).
  For newly created users on AD, we are wanting them to be able to change their initial passwords from portal (on their first logon).
  SSL is set up between EP and AD.
  The user we are using to access LDAP has write privileges.
  We are using a standard configuration file (writeable version) (dataSourceConfiguration_ads_writeable_db.xml)
  We are able to modify users from User Administration console (including password change) without any problem.
  However, there are two problems we are facing:
  1. If the flag "User must change password at first logon" is set on AD/LDAP, then on Portal the user is not getting prompted for changing password - and User authentication failed
  2. If the flag "User must change password at first logon" is NOT set on AD/LDAP, then - User is getting prompted to change the password" - however password change is not going through successfully - Error says - "Missing".
  From logs I can see the following error:
  #1.5#0050568767DE006B0000000700005D7C00048EC433D5B0FC#1282873241046#com.sap.security.core.persistence#sap.com/irj#com.sap.security.core.persistence.[cf=com.sap.security.core.persistence.datasource.imp.LDAPPersistence][md=changePassword][cl=64495]#Guest#0#SAP J2EE Engine JTA Transaction : [044ffffffd35700451]#n/a##19ae55e0b17c11dfb0d00050568767de#SAPEngine_Application_Thread[impl:3]_23##0#0#Error##Java###Can not change password
  [EXCEPTION]
  {0}#1#javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 0000052D: AtrErr: DSID-03190F00, \#1:
  0: 0000052D: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd)
  ]; remaining name 'cn=portal test'
  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3010)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2943)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2749)
  at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1449)
  at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
  at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
  Can any one pls suggest what is this error about and what I am missing.
  Thanks ,
  Shanti

  Hello All,
  Thank you for your time and valuable replies.
  I got rid of the "Missing" error and now I am one step away from the solution.
  Now I am at a stage where: (for a user with initial password on LDAP)
  1. In AD if "User needs to change password on next logon" flag is NOT set - user can successfully logon to portal. (without being prompted for password change)
  2. In AD if "User needs to change password on next logon" flag is set - then user cannot logon to portal - I get User authentication failed error.
  I have went through a lot of discussions around this topic on SDN and different SAP Notes. I have tried to maintain UME Security policy as close as possible to LDAP (I cannot make it exactly same due to some differences in LDAP and UME).
  However, when and administrator can change passwords from UME successfully without any problem - it means that:
  - Security policy is being met
  - Service user used to communicate to LDAP has all the required access
  The only missing piece of the puzzle is how to enable the users to be able to change their passwords (with initial or expired passwords).
  According to Note 865399 - the default value for The property ume.ldap.access.set_pwd is TRUE.
  Also the property ume.ldap.access.pwd.via.usercontext can only be TRUE when ume.ldap.access.set_pwd is set to FALSE.
  So, I have tried setting the following without any success:
  <ume.ldap.access.pwd.via.usercontext>true</ume.ldap.access.pwd.via.usercontext>
  <ume.ldap.access.set_pwd>false</ume.ldap.access.set_pwd>
  Thanks,
  Shanti

• HT5622 I need help trying to figure out why I'm not able to purchase anythi iTunes. I changed my password, that didn't help. I changed my payment type, that didn't help. It initially started when my password got disabled. Any advice?

  I need help trying to figure out why I'm not able to purchase anything on iTunes. I changed my password, that didn't help. I changed my payment type, that didn't help. It initially started when my password got disabled. Any advice?

  I need help trying to figure out why I'm not able to purchase anything on iTunes. I changed my password, that didn't help. I changed my payment type, that didn't help. It initially started when my password got disabled. Any advice?

• Can we change initial Master password at the SAPinst after the installation

  Hi Experts,
  We are having a bit of trouble getting Solution Manager about initial Master password at the SAPinst.
  I have done install the Solution Manager 7.0 SR3.
  However, after installation we have to change the password when used at SAPinst for our company security problem.
  Does anyone know how to change these users password and settings password?
    - J2EE_ADMIN
    - SAPJSF
    - SLDDSUSER
    - SLDAPIUSER
    - ADSUSER
    - ADS_AGENT
    - smdadm
    - Key Phrase for Secure Store
    - SDM Connection password
  Thanks!

  > Does anyone know how to change these users password and settings password?
  >
  >   - J2EE_ADMIN
  >   - SAPJSF
  >   - SLDDSUSER
  >   - SLDAPIUSER
  >   - ADSUSER
  >   - ADS_AGENT
  >   - smdadm
  >   - Key Phrase for Secure Store
  >   - SDM Connection password
  Since a Solution Manager is a double stack installation (ABAP + Java) and has the UME configured that the passwords in the ABAP are used you can change (most of) them in ABAP.
  HOWEVER: Those passwords are used on different places and you would need to check the specific application section where they are used (WebDynpro connections, JCo etc.)
  Markus

• HT204409 How do I change or reset my password for my wifi? I have forgotten my initial password when I setup the wifi and now cant use it with my iPod but it still works with my iPad as the password option doesn't come up like the iPod.

  How do I change or reset my password for my wifi? I have forgotten my initial password when I setup the wifi and now cant use it with my iPod but it still works with my iPad as the password option doesn't come up like the iPod.

  If you are saying that the iPod asks for the password for the network and you do not know it, what may work is to turn on iCloud keychain for the iPod and iPad., Thet may sync the password from the iPad to the iPod
  http://9to5mac.com/2013/10/26/how-to-setup-and-use-icloud-keychain-for-mavericks -and-ios-7/
  Otherwise you will have to go into the router settings and reset the wifi password in the router

• Initial password change.. Urgent Please?

  Hi All,
      We have an Ep6.0 SP12 installation and CUA as user base for the portal. In the CUA, I added the role SAP_BC_JSF_COMMUNIATION for user sapjsf and the xml file used is dataSourceConfiguration_r3_rw.xml.
     now i create a user using portal, i.e. UserAdmin -> create user and am logging in with this userid and password. In the next screen it asks for new password. IT works as expected and thats fine.
    but, if I create a user in CUA and when I login into portal with this userid and password. It doesnt ask for password change. Y is it so?
  Please help me in this regard.
  Thank you

  Still some more input, i just went and checked the account history in portal of the two users, created through portal and also in CUA
  The user created in CUA has the folling history
  Date                          Description
  Not Available                 New account created
  - Dec 31, 2500 12:00:00 AM   Account Valid Date
  Aug 30, 2005 8:04:45 PM Last  Successful Logon
  Dec 31, 9999 12:00:00 AM Last Password Change
  please see the last password change field, is it restricting me to change the password ?
  where as the user created from Portal has the following account history
  Date                       Description
  Aug 30, 2005 6:50:17 PM    New account created
  Aug 30, 2005 12:00:00 AM - Dec 31, 2500 12:00:00 AM   Account Valid Date
  Aug 30, 2005 6:53:53 PM     Last Failed Logon
  Aug 30, 2005 6:50:17 PM     Last Password Change
  as we see the last password change field here, it is pretty much the same as new account created date, so the password is getting expired.
  Could you please have a look at SAP NOTE "858469"
  Could some one please help me in this regard?
  Thank you

• I continue to receive email alerts advising that my Apple ID was used to purchase an app. I changed my password but the alerts continue to come. Purchases are initiated from various different countries. My credit card has never been charged. How cano

  ALerts advising purchases were mde using my Apple IDcontinue to come to my email. I changed my password  but theycontinue to come.Hoes can I stop his.

  It is possible that these emails are phishing attempts. Do NOT click any link in the email. The phishers are very clever in that they seem to follow Apple Graphic Design Standards to near perfection. A sure way to tell is to examine any link the email contains for its target URL. If it does not point to the apple.com domain - NOT just contain the word "apple"in it 'somewhere - but point to the Apple web presence - it is most certainly phishing. If you determine that it is phishing, you can and should FORWARD the email to [email protected] > then DELETE with Prejudice. Also, see Phishing & Other Suspicious Emails > http://www.apple.com/legal/more-resources/phishing/ for more information ÇÇÇ

• ATTENTION!! RECEIVED FRAUDULENT EMAIL PRETENDING TO BE APPLE!! I received an email informing of a purchase made on my account and telling me to change my password if did not purchase the item, which I had not. I have received valid emails from Apple

  ATTENTION!! RECEIVED FRAUDULENT EMAIL PRETENDING TO BE APPLE!! I received an email informing of a purchase made on my account and telling me to change my password if did not purchase the item, which I had not. I have received valid emails from Apple in the past asking letting me know a purchase had been made and asking if I had made the purchase, but the item listed has alway been a purchase that I had made. Since I had received similar emails in the past, I didn't think anything of it. Because I had not purchased the item listed, I immediately clicked on the link in order to change my password, which has been suggested in authentic emails i had received from Apple in the past. The site I was redirected to was exactly the same as the Apple site where you go to change your password. I entered my userID and password and it stated a verification email would be sent, if it was not sent click "resend email." When I did not receive an email, after about 10 seconds I went to the Apple site and followed the SAME EXACT step on pages that were IDENTICAL to the FRAUDULENT website I apparently had just been at. When I clicked "Send verification email," I DID receive an email within seconds, which had a special link that brought me to a page where I could change my password, which I did. I later compared a legitimate email to the FRAUDULENT email and I DID FIND A DIFFERENCE, BUT IT WAS ALMOST UNNOTICEABLE unless you were really, really looking.  I doubt it would be noticed by anyone if not comparing it closely to a real email. THE DIFFERENCE WAS AT THE BOTTOM OF THE AUTHENTIC EMAIL, THERE WERE THREE LINKS THAT COULD BE SELECTED - My Apple ID/Support/Privacy Policy. ON THE FRAUDULENT EMAIL THESE LINKS WERE NOT PRESENT!!! Just today I received an email from Apple stating my password had been changed today. I did not change my password today. When I changed after getting the fake email, I did not think about my SECURITY QUESTIONS!!! If you forget your Apple password, you are able to answer the security questions in place of your ID and you get a confirmation email. Even though I changed my password within a one minute when I did not get a confirmation email with a link to change my password right away and I went dierctly to Apple's site, apparently it was enough time to take all the information on my account - INCLUDING MY DEBIT CARD NUMBER, WHICH HAD BEEN REQUIRED WHEN I INITIALLY SET UP THE ACCOUNT!!! Today I received a call from VISA FRAUD PROTECTION asking about strange activity on my account and stating they were concerned and wanted to ensure I had used the account. I HAD NOT, AND ALL THE MONEY IN MY BANK ACCOUNT HAD BEEN STOLEN!!!!! I am writing this in hopes that many people will see it and NOT FALL VICTIM TO THIS SCAM. Please pay close attention to any emails you supposedly receive from Apple - If the links "MY APPLE ID/SUPPORT/PRIVACY POLICY," PLEASE DO NOT ASSUME IT IS AN AUTHENTIC EMAIL FROM APPLE. I suggest you immediately forward the email to apple, which I didn't do because this happened days ago. Nothing was taken from my money that was already on the Apple account, and nothing had been taken from my checking account. I guess I assumed there had been something wrong with the link in the email directing me to where I could change my password, plus I had gone to the valid Apple website and changed my password for real, and I guess I was thinking that changing my password would prevent someone from being able to acces my account info. PLEASE DO NOT FALL VICTIM TO THIS SCAM AS I DID!!!!

  No need for alarm. There are several folks a day posting like threads. Most folks know these phishing attempts for what they are and merely delete with prejudice.
  To the bottom line... if you wish - and I am sure Apple will take notice - you should FORWARD the email to [email protected] and delete.
  CCC

• ISE 1.2 Guest portal user cannot change their passwords

  I have a WLC 5508(version 7.6) and a server installed  the ISE (version 1.2.1.198)，Now we configured the CWA，Use guest portal as an employee and guest login url，We can use the manually create internal user and password successfully logged in, and we set up allow guest users to change password in Multi-Portal, but the user can not change the password in the guest portal ,I suspect the change password option on the Guest  Portal actually works? Can anyone tell me how to change their own username password in the guest portal ?

  Requiring Guests to Change Password
  You can allow or require guest users to change their password after their initial account credentials are created by the sponsor. If guest users change their passwords, sponsors cannot provide guests with their login credentials if they are lost. The sponsor must create a new guest account.
  You can either allow guests to change their passwords, or you can require that they do it at expiration and at first login. To require internal users using a guest portal to change their password upon their next login, choose Administration > Identity Management > Identities > Users . Select the specific internal user from the Network Access Users list and enable the change password check box.
  Before You Begin
  Create a Guest portal or modify the DefaultGuestPortal. This setting is specific to each Guest portal.
  Step 1 Choose Administration > Web Portal Management > Settings > Guest > Multi-Portal Configuration.
  Step 2 Check the Guest portal to update and click Edit .
  Step 3 Click the Operations tab.
  Step 4 Check either or both options:
  Allow guest users to change password
  Require guest users to change password at expiration and first login
  Step 5 Click Save .

• [Initial Password] CUA vs IdM

  Hi,
  Please correct me if I am wrong: when the CUA cha,ges to password in the child systems, they are set as initial. It means that, on the first logon, the user has to change it.
  Is there a possibility for IdM to set "definitive" password. It seems so to me after reading
  |                     |        CUA        |  Identity Management       |
  | Password management | Initial passwords | yes incl. workflow support |
  in https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/7037d982-40aa-2a10-e283-a76a9dfc93ab, page 29
  Thanks in advance.
  Best regards,
  Guillaume

  IdM can only do what SAP permits.  Depending on how one is authenticating determines the password policy.  An initial password, an expired password and a password reset by an administrator all set the same flag.  The user must change their password on next logon.  The only way around this to write directly to the db with SAP's hash.  A terrible idea and a big security risk. 
  UME uses a delegated model so the password policy depends on what you are authenticating against.  This question is normally asked because a company wants to do password synchronization; one is better off doing SSO.