Customise Userid/Password rule

Similar Messages

• Not contain the userid as part of the password (Password Rule).

  Hi Team,
  We are using SAP Netweaver 6.40 and i am trying to set "Not contain the userid as part of the password " as part of the password rules we have and looks like this predefined SAP rule is This rule applies only in systems up to SAP R/3 4.6D.Can anyone lemme know how this rule can be manually implemented.
  Thanking you.

  Hi,
  yes you are right.
  As of Release 6. 10 (Web Application Server), this rule "Not contain the userid as part of the password "  was removed.
  check  Note 2467 - Password rules and preventing incorrect logons
  it is not possible to implement this rule manually. but you can add all userid in table USR40 as exception.
  so user can not use his userid as password. but you can only prevent that user is not used his userid as password ,
  the requirement of  not containing userid as password is not fulfill
  regards,
  kaushal
  Edited by: Kaushal Malavia on Jun 26, 2008 11:54 AM

• How to hide Dynamic Parameter userid/password prompts on infoview

  Hi,
  I want to hide Userid/password for each dynamic parameter, which gets prompts while refreshing or scheduling a report
  I do enter userid and password at CMC->database level but when report has dynamic parameter it still does prompts for each parameter.
  Please advise.
  Megha

  I tried what you suggested..
  Well I run into different error now while refreshing report suing dynamic prompt.
  Error says 'List of Values failure: fail to get values.[Cause of error:Failed to the connetion.ProductName]
  ProductName is my dynamic Parameter.
  Please advise.
  thanks
  Megha

• Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

  Dear all,
  I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
  I know there are 3 options for digital signature and
  System signature with authorization by user ID and password (We use this currently)
  Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
  User signature without verification
  Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
  I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
  My active directory is based on Windows 2008.
  Thanks in advance!!
  Dhee

  Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

• What are the userid,password, and host name for oracle 9i?

  HI Guys.
  I am a research student at the University and the I recently downloaded Oracle 9i for my research. But the problems is also with seting it up. Please could you show me the userid, password, and host name for oracle 9i.
  Thanks in advance for your cooperations.
  Malinga R
  [email protected]

  I believe that starting with 9.2, you have to specify different passwords when you install (can't be the default).
  Justin

• Dynamic UserID/Password for file Adapter

  Hi,
  How to use dynamic UserId/Password for file adapter ?
  (Sender/Receiver)
  In our case the Id/Pwd of FTP Site changes freguently.
  Can anyone help.
  Thanks in Advance
  Regards
  Chemmanz

  Hi Chemmanz,
  >>>>In our case the Id/Pwd of FTP Site changes freguently.
  but do you have those passwords in the message payload?
  if not then you will still have to fill it somewhere right?
  BTW
  the only way would be to use java proxies and write a simple ftp adapter inside it (or your own adapter)
  but this is not possible in standard I believe
  Regards,
  michal

• Convert a web service which has userid/password hard coded......

  Hi,
  We have created a web service in our ECC 5.0 abap system. In SICF we hardcoded the userid/password, the web service works fine and can be called successfully to read the required data from SAP.
  Now we wish to change the process so that the users calling the web service have to pass their userid/password, now things don't work!!
  How do we change things around to the new format?
  Options we are considering are as follows:
  1) Change the function module so that it has import parameters of userid and password (don't think this will work!)
  2) Somehow update the wsdl file so that it includes userid/password, is this possible?
  3) SICF/wsconfig/wsadmin config, but don't know what to do though!!
  Any ideas anyone?
  Thanks.

  > Now we wish to change the process so that the users calling the web service have to pass their userid/password
  1. Do you want to have authorize access to webservice or,
  2. do you want to user supply user/password as a parameter within service.
  for 1st you don't have to do anything just goto SOAMANAGER transaction and select basic http authentication for service endpoint. Every user who want to access (even url of wsdl) need to supply user/password.
  for 2nd option you can integrate user/password field in FM but you need to include code which check and confirm if they are valid credential.
  Regards,
  gourav

• Java and ABAP system, setting new password rules

  Hello,
  we have a ecc 6.0 and in front for the users we have a portal based on netweaver 7.0. Our security colleagues told us, to change the password rules based on our new security book. the portal is getting the users via ume and the datasource is the abap system (ecc 6.0). All users accessing the form the portal to the backend system are communication users. my question now. there are two possiblities to change password rules settings. one in the java system and the other on the abap system. where should be implement the password rules? would the changes on the abap system also affect the java system?
  regards,
  alexander tuerk

  > we have a ecc 6.0 and in front for the users we have a portal based on netweaver 7.0. Our security colleagues told us, to change the password rules based on our new security book. the portal is getting the users via ume and the datasource is the abap system (ecc 6.0).
  For password rules please check the documentation: [Logon and Password Security in the SAP System|http://help.sap.com/saphelp_nw04/helpdata/en/52/6717ed439b11d1896f0000e8322d00/content.htm]
  [Profile Parameters for Logon and Password (Login Parameters)|http://help.sap.com/saphelp_nw04/helpdata/en/32/20709747d649e8bc74e084d0b2432c/frameset.htm]
  and the SAP Note: [Note 862989 - New password rules as of SAP NetWeaver 2004s (NW ABAP 7.0)|https://service.sap.com/sap/support/notes/862989]
  [2467 - Password rules and preventing incorrect logons|https://service.sap.com/~form/handler?_APP=01100107900000000342&_EVENT=REDIR&_NNUM=0000002467&nlang=E]
  All users accessing the form the portal to the backend system are communication users. my question now. there are two possiblities to change password rules settings. one in the java system and the other on the abap system. where should be implement the password rules? would the changes on the abap system also affect the java system?
  Please go through the following Link: [Users and Passwords for AS JAVA|http://help.sap.com/saphelp_nw04/helpdata/en/3d/addc3ed98f7650e10000000a114084/content.htm]
  Regards,
  Dipanjan

• How can we hide userid & password from browser

  How can we hide the userid,password and connectionstring from the address bar of explorer when we run 9i forms on browser

  Ok - I have 9.0.4 and I want to disable this hiding of password, as I have the follwing problem: Forms creates a temporary local file which contains javascript. Per default in xp service pack 2 it is not allowed to run javascript from local file. Is there any parameter in webforms.cfg to disabel the creation of this temporary file?

• UserId/Password Not Given-expected to run SQL Plus

  So that we may better diagnose DOWNLOAD problems, please provide the following information.
  I downloaded Oracle 9i and I'm trying to run SQL Plus and its asking me for a userid, password and a host string. I don't know what the userid, password or host string would be. I wanted to see how I like Oracle for a database and just wanted to enter some SQL.
  How will I know what the userid, password, host string would be?
  - Server name = none
  - Filename = none
  - Date/Time 2/8/02
  - Browser + Version = Internet Explorer
  - O/S + Version = Windows 20000
  - Error Msg = invalid userid/password

  could you please suggest what could be the reasonYou are running Oracle on an unsupported operating system (Vista Home premium). You either need to change the OS or use the package meant for Windows Vista.
  http://www.oracle.com/technology/software/products/database/oracle10g/htdocs/10203vista.html

• Userid/password in a popup dialog box?

  When I sign on to the forums today either on an iPhone or Firefox in windows, I'm getting a popup box to enter userid/password instead of the usual Oracle single sign on page.
  Is this something new?

  Seems to be a feature :-) Has happened many times before - it is typically corrected within a few hours
  Where's my handle?
  Handle not working
  HTH
  Srini

• Using a customised Reset Password workflow and notification in OIM

  Hi all,
  I am using Oracle11.1.1.5 OIM. I am trying to figure out how to create my own customised "Reset Password" process and replace (but not overwrite) the out-of-the-box "Reset password" process in OIM. Does anyone know how to do this? I have checked the documentation, but not sure that writing new java-coded event handlers is the way to go.
  regards,
  Evangelo

  >
  With regards to creating a new (customised) "Reset Password" notification template via the OIM Administration console, how is it possible to change the OOTB(Out-Of-The-Box) "Reset Password" process so that it uses the new (customised) "Reset Password" notification template instead of the OOTB "Reset Password" notification template?
  You can modify existing ResetPassword notification by adding new attributes to the body of the notification. Follow this link http://fusionsecurity.blogspot.in/2011/07/oim-11g-notifications.html to write your custom resolver class and using this class substitute the values of notification attributes with actual values obtained from resolver class. Register this resolver class as plugin to OIM.
  Export the OOTB ResetPassword.xml from metadata/iam-features-request/notification and change the resolver class name to your custom resolver and import it back to MDS.
  Also, the "From:" email attribute does not appear in the OOTB "Reset Password" notification template....where is this set (it is currently set to [email protected])?
  With the OOTB Reset Password Trigger event, NotificationEvent.setSender value is set to XELSYSADM. So the from address will be the email address of xelsysadm.

• Anybody done USERID/PASSWORD authentication against aWindows NT Domain

  I think I'll have to write a C++ Program to the WinNT API to do it
  (LogonUser). Then I'll wrap it with a service object for authentication. Has
  it been done before? Or something similar? We want to validate users against
  a WindowsNT Server DOMAIN.
  -martin ([email protected])

  Hi Martin & All,
  Yes you are right, wrap the API in C++/C then write a PEX file for interface to Forté and use the method to invoke the WinNT API authentication. Do not forget to validate the return values from the methods. They are very crucial in handling exceptions etc., in forte.
  I've done the same to provide the mail user authentication in MAPI API wrapper for Forté.
  Is this what you looking for????
  Regards,
  Sivaram S Ghorakavi mailto:[email protected]
  International Business Corporation http://www.ibcweb.com/
  From: Martin G Nystrom
  Sent: Wednesday, November 26, 1997 1:53 PM
  To: [email protected]
  Subject: Anybody done USERID/PASSWORD authentication against a Windows NTDomain?
  I think I'll have to write a C++ Program to the WinNT API to do it
  (LogonUser). Then I'll wrap it with a service object for authentication. Has
  it been done before? Or something similar? We want to validate users against
  a WindowsNT Server DOMAIN.
  -martin ([email protected])

• Chang system userid/password for another server instance

  It it possible to change the system userid/password for another server
  instance. If so , how ?
  I would like to allow certain groups to be able to start and stop ONLY their
  server without giving out the system account.
  Thanks in advance!

  the relationship between the infrastructure nodes and the application server nodes is a one to many relationship. The infrastructure home should be the only home that the EMWebsite service has been started for.
  the user to log in to em console is ias_admin/<password> if it does not accept the password that you set for this user then try it with caps lock on as you may have had it one when setting the password.
  As 9ias release 2 has been designed with a multiple machine install in mind, if you install more than one instance (multiple oracle homes) on the server then you will end up with multiple apache processes and oc4j processes. This means you will be able to connect to 2 apache server homepages under different ports. That is why you get the same page.

• OID hardcoded userid/password

  I have an application that enables users to self-register
  and upon registration stores their information within OID.
  In order to create users in oid I have to gain access to OID with a predefined userid/password. This is hardcoded in a java class.
  All the java or plsql examples of directory manipulation that i have seen,hard code this username/password.
  Is this the correct way to access OID as if doesn't seem very secure if you have to hard code a username /password.
  Has anyone got any suggestions /solutions to make the access more secure, or perhaps I should be doing it a different way ?

  You cannot get this secure (or more secure) with the approach you describe.
  The alternative is to remove the possibility to self register and use the DAS feauture of the OID and use decentralized OID admins.
  The main issue you face is the fact that you offer a user to self register. In theory I could get to this site and create an account for me. This is ok if the site contains data that is not sensitive, but if the data needs to be protected (access control) you cannot combine this with the self registration.
  cu
  Andreas