Login/min_password_digits
Hi there,
I have one application server and one database server for our ECC6. When I tried to change the password for a user in the application server, the system is saying that 'Password should contain 22 digits'. However, this is not happening when I do the password changing in my database server. I checked the value for login/min_password_digits and I notice the following:
In Central Instance,
via RZ10, login/min_password_digits for both application and database profile = 2
via RZ11, login/min_password_digits = 2
In Application Server
via RZ10, login/min_password_digits for both application and database profile = 2
via RZ11, login/min_password_digits = 22
How to I change the value of login/min_password_digits to 2 (instead of 22) in the application server?
Thanks
Hi,
If this doesn't resolve it, check that the parameter isn't set in the Instance profile of your Application server using transaction RZ10.
Regards.
Steve.
Similar Messages
-
Question - Login/min_password_digits to 1
Hello,
We are adding complexity on our passwords. We have tested "Login/min_password_digits to 1" in DEV and QA successfully and ready to move to PROD. The numeric value on passwords is now being required. I have overlooked one possibility and could not test without delaying the deployment for another week since system restart is only on the weekends. My question is the u201Cwhat ifu201D in the scenario I was not able to test.
What happens to the user/users with password that currently do NOT have any numeric value/values? Do they get immediately prompted to change their password with numeric when "Login/min_password_digits to 1" is in effect or only when their password expired and prompted to change?
We are running ECC 6.0 and SAPGUI: 710 Final Release, version 7100.2.8.1039, patch level 8.
Thanks in advance.
John N.Julius Bussche wrote:Julius Bussche wrote:Julius Bussche wrote:>
> > No, you are wrong - communication users are (in principle) also subject of the password change requirements.
> > See note 622464.
> Not in principle, but John's observation is correct in practice. This is not default behaviour either.
Well - if a password change is currently not enforced although it should be, then this is nothing one should rely on ...
> > But you can configure the system (by setting login/password_compliance_to_current_policy to value 1) to check every time a password is validated whether it's still compliant with the current password rule.
> Not every time. A SYSTEM and SERVICE type user's password would not be subject to this, even if it was activated.
Yes, you are right - that point I've forgotten to mention in my posting (but it's documented in the system: the RZ11 documentation of that profile parameter is quite precise).
>
> To mimic any downward compatibility or client programs which might set the PWD to UPPER CASE, I simply don't force a lower case password and for special users change the generated characters to UPPER CASE and ensure that the it does not exceed 8 characters.
Sorry, that's not entirely true: even if you do not enforce the usage of lower-case characters in passwords this does not ensure that you obtain downwards-compatible passwords: as long as you do not prevent the usage of lower-case characters and as long as you do not prevent the usage of passwords which consist of more than 8 characters, you have to deal with (potentially) downwards-incompatible passwords.
>
> But my weapon of choice against this is still rfc/reject expiredpassword and now also icf/reject_expired_password. I find these parameters very efficient in keeping security up to scratch, if the implementation (or clean-up) was done thoroughly.
Do you really think that those two parameters can be set to non-default values in productive systems? I have my (personal) doubts - they are main switches ("on" / "off") effecting the entire system. -
Enhanced login security and password ageing in SAP R3 Enterprise 110
Hi,
today we will activate "Enhanced login security and password ageing" on our R3 (SAP R3 Enterprise 110) development environment.
new parameters
Enhanced login security and password ageing
login/min_password_lng = 8
login/password_expiration_time = 365
login/min_password_diff = 2
login/min_password_letters = 1
login/min_password_digits = 1
anyone any expirience on possible problems which can occur after activating these new settings.
Many thanks in advance
Patrick Van VlerkenNo... this should do what it sais in the tin.
Read,
http://www.*********************/password_sap.htm
Regards
Juan -
Login/min_password_lng max value
Having recently set the below values we are experiencing problems when users place digits or specials at positions above 8. It appears that SAP does not check above character 8. Not at password change nor at login to SAP.
Profile Parameters Attributes for login/min_password_lng tells that minimum value is 3 and maximum value is 8. Does this really mean that anything above 8 is ignored?
This is quite a usability issue.
login/min_password_lng = 8
login/min_password_digits = 1
login/min_password_letters =1
login/min_password_specials = 1>
Vito Fava wrote:
> Profile Parameters Attributes for login/min_password_lng tells that minimum value is 3 and maximum value is 8. Does this really mean that anything above 8 is ignored?
Hi Vito,
no.
This parameter sets only the minimum password length. It has no influence on the verification of input values after the 8th character.
From 7.00 on, the password can be longer than 8 characters. So up to 6.40 the maximum value of this parameter is 8, as the password cannot be longer. From 7.00 on, the max-value for this parameter is 40.
If you are on 7.00 and any input after the 8th character is ignored when logging on, you have set the parameter login/password_downwards_compatibility accordingly to 3,4,or 5 (5 is the most common).
b.rgds, Bernhard -
Hi there!!!
I need your help folks, this is the problem, when i try to logon with the Firefighter ID using the "/virsa/vfat " tcode, i get this message " login/min_password_* is too big", i reviewed the profile parameters (login) at SA38 (RSPARAM) report and looks right.
these are the profile parameters mentioned on error message 01414
Login/min_password_lng
Login/min_password_digits
Login/min_password_letters
Login/min_password_specials
and these are the values on my PRD
Login/min_password_lng=(empty, default value/6)
Login/min_password_digits=3
Login/min_password_letters=5
Login/min_password_specials=(empty, default value/0)
I think these values are according to SAP best practices.
This problem occurs only in PRD, i got the same profile parameters in Develop and works just fine
Thanks in advance
Cuauh!!!Hi
what is the SAP version 4.7 or 6.0. if the sap version is 6.0, no need to maintain the password in Security tab on the fire fighter table.
user type should "Service"
Regards,
Arjuna -
This system does not let you log on using a password
hi all, i am very new to sap basis. i have changed the below profile parameters in RZ10.
login/min_password_length=3
login/min_password_lowercase=1
login/min_password_uppercase=1
login/min_password_digits=2
login/min_password_specials=1
after changing values i restarted the Instance. But the problem is when i am trying to login to the system it is showing an error message : "This system does not let you log on using a password". I know why this error occurs...
but how to resolve this error? plz Help.
Thanks in advancelogin/min_password_length=3
login/min_password_lowercase=1
login/min_password_uppercase=1
login/min_password_digits=2
login/min_password_specials=1
The correct parameter for Min password Lenght is login/min_password_lng.
You can change this at OS level restart and see how it goes...
Regards
Juan -
User is locked in R/3 but still access the application through portal
We are currently on NW2004s SP10 .
We locked the User A in R/3 SRM backend system and from Enterprise Portal the same User A login and try to access the SRM application in backend . The system is allowing to access which we want to prevent .
The authentication ticket type is "SAP Logon Ticket" . The User A is trying to access ITS services through Portal.
Do we have specific SSO parameter which needs to set in backend SRM application .
Thanks
Chandrashekhar KHi
We have maintained the following profile parameter for SSO in our SRM system . From portal we are accessing the SRM system
login/accept_sso2_ticket 1
login/certificate_request_ca_url https://tcs.mySAP.com/invoke/tc/usercert
login/certificate_request_subject CN=&UNAME, OU=&WPOU, O=mySAP.com User, C=DE
login/create_sso2_ticket 0
login/disable_cpic 0
login/disable_multi_gui_login 0
login/disable_multi_rfc_login 0
login/disable_password_logon 0
login/failed_user_auto_unlock 0
login/fails_to_session_end 3
login/fails_to_user_lock 3
login/isolate_rfc_system_calls 0
login/min_password_diff 1
login/min_password_digits 0
login/min_password_letters 0
login/min_password_lng 6
login/min_password_specials 0
login/multi_login_users HP
login/no_automatic_user_sapstar 1
login/password_change_for_SSO 0
login/password_charset 1
login/password_expiration_time 60
login/password_logon_usergroup
login/password_max_new_valid 0
login/password_max_reset_valid 0
login/system_client 400
login/ticket_expiration_time 60
login/ticket_only_by_https 0
login/ticket_only_to_host 0
login/ticketcache_entries_max 1000
login/ticketcache_off 0
login/update_logon_timestamp m
Please suggest as to change any parameter value . We want to restrict the user to access SRM system from portal if he is locked int e SRM system.
Thanks -
Security Parameter Problem in SAP ECC 6.0
Hi eveyone,
We have just activated the profile parameters written below in our new
SAP ECC 6.0 system.
login/min_password_lng = 6
login/min_password_digits = 1
login/min_password_letters = 1
login/fails_to_user_lock = 10
login/fails_to_session_end = 5
login/password_expiration_time = 90
We have tried to logon the system as DDIC, the system wanted a new
password. We have changed the password many times more than 5 times.
But when we try to give the old password, it still says that "The
password must be different from your last 5 passwords".
The problem goes on, even you inactivate the parameters in the profile
and restart the SAP.
How can we solve this problem?Hi everyone,
I want active the profile parameter login/min_password_digits = 1 and
login/min_password_letters = 1 by RZ10. The system give the message:
E login/min_password_digits is not identified identically on all servers.
I changed this parameter on all servers but this message was always there.
Is it OK after restart system?
Best regards
Valachova Miroslava -
Dear All,
Kindly advice,
We have recently changed the instance profile parameters for enabling
the password policy. The parameters that we changed are
login/password_expiration_time 60
login/min_password_specials 1
login/min_password_lng 8
login/min_password_letters 2
login/min_password_digits 1
login/password_max_new_valid 45
login/password_max_reset_valid 45
We are using ECC 4.7
After we have restarted the system, all users were prompted
automatically to change the passwords except three users which we had
created recently.. Although we have given the "login/min_password_lng"
as 8, it still taking 4 letters as password without any special
characters in it.
Kindly advice us in this regard and if u need any more information
please let us know.
Regards
GAURAVHi,
As said by António Barrote, might be you are having more application servers and parameters are set in one server only. If that is the case then if those 3 users are logging in to other server then it will not prompt. Also, if you say that, no we have only one server and all the parameters are set correctly and working fine for other 240 users. Then yes you are right.
As per my understanding, it has not asked for password change for these 3 users because this users are created recently and after creating them you have set the parameters. Hence after the parameters came in to effect it will not ask for password change for these 3 users because the password expiration is 60 days as per value you have set above. Hence after 60 days form the date when you have created those users and set password it will prompt them to change password and at that time it will not allow them to set password for length 4 letters, but will set as per the parameters.
Since for these 3 users password was set before enabling parameters those will apply only after expiration period. Otherwise what you can do is reset the password for them now and ask them to change it and now it will make them change password as per the parameters.
Hope clarified.
Thanks & Regards,
Sharath Babu M -
Password policy not allowing to reconfigure STMS
Hi Guru's,
I have done system copy by database restore method, in post activities I have mistakenly deleted STMS configuration on domain controller, now when I am trying to add production server in landscape.
the password policy is not allowing us to reconfigure STMS.
I have manually reset the TMSADM password with alphanumeric format on all three system in client 000 with user DDIC,but I was getting same error message,
After removing password policy on PRD server it allowed me to configure STMS for PRD server.
Is there other way to reconfigure STMS without removing policy?
policy parameter:
login/min_password_specials ==>1
login/min_password_digits ==>1
since i dont want to remove password policy to reconfigure STMS,
please suggest, alternative.
-Gokul Chitodeyou may want to have a look at SAP Note 761637 - Login restrictions prevent TMSADM logon
-
Pls send me Importent Basis R/3 FAQ's
Hi,
interview purpuse pls send me important Basis Faq's and also pls send me realtime scenarios .If you help I will give more reward points.and also if possible give answers also.
regards,
janaHi,
Search SAP.com FAQ.
1. What is SAP MMC good for?
a) Starting SAP instances
b) Viewing developer traces
c) Stopping SAP instances
d) Deploying SAPGUI
ANSWERS: A, B and C
The SAP MMC has multiple uses. Among them: starting/stopping instances and viewing/analyzing the developer traces (dev_disp, dev_ms, dev_w*).
Ignore the myths -- the reality is that SAP MMC can be installed on remote computers to manage SAP instances the same way as if you were using the actual SAP server. Find the SAP MMC installation components on the SAPGUI CD.
2. The following is true about Kerberos single sign-on (Kerberos 5 SSO):
a) It's only supported in UNIX environments
b) It provides encrypted authentication
c) It works in all Windows platforms
d) It's an SAP add-on available as of Web AS 6.10
ANSWERS: B
Kerberos is available in UNIX and Windows platforms. However, it only works with Windows 2000 and Windows Server 2003 Active Domain Controllers. Windows NT is not suitable for Kerberos 5. It provides encryption, which makes it a better option than regular Secure Single Sign-On. Kerberos SSO has been available since R/3 3.1x.
3. True or False? Since the release of SQL Server 2000, database integrity checks -- and DBCC CHECKDB in particular-- are a thing of the past in SAP.
a) True
b) False
ANSWERS: B
False! DBCCs (checkcatalog and checkdb) are definitely required and they should be performed on a regular basis.
4. What does report RSUSR003 do?
a) Lists logon system settings
b) Reports if passwords for SAP* accounts have not changed
c) Reports if passwords for DDIC are trivial
d) All of the above
ANSWERS: D
Report RSUSR003 lists all logon system settings and it reports if passwords for accounts SAP*, DDIC, SAPCPIC and EARLYWATCH are trivial. That is, the system will report the passwords for those accounts that have not been changed from the delivered ones. This is a handy report SAP auditors frequently ask for it immediately when doing an SAP audit
5. To prevent the use of common password combinations, a system can be set up to include:
a) A list of forbidden passwords in table USR40
b) Instance profile parameter "login/min_password_digits"
c) A list of forbidden passwords in table USR04.
d) No additional configuration, as SAP only allows complex passwords.
ANSWERS: A, B
To avoid this problem, populate Table USR40 with forbidden or illegal passwords combinations. Also, as of Web AS 6.10, instance profile parameter "login/min_password_digits" can be set to a value >= 1 to force users enter at least one digit in their password.
6. After a new installation of R/3 Enterprise, the system has a temporary license. How long does this license last?
a) Four months
b) Four weeks
c) Four days
d) Fourteen days
ANSWERS: B
This temporary license lasts up to four weeks. After that, nobody can log into the system except SAP. Therefore, users must request a permanent license at the early stages of an installation.
7. What is CUA?
a) It's the Control Upgrade Administration program, used during an SAP upgrade.
b) It stands for Central User Administration, where a central client manages all user accounts.
ANSWER: B
Central User Administration (CUA) was introduced in R/3 4.6 to provide a mechanism that allows central user management. Once configured, all user accounts are managed from a central client
. To prevent having to adjust output devices (e.g. print queue definitions) in every system each time they are transported from one system to another, an administrator can:
a) Set up a logical spool server by the same name in the source system and the target systems
b) Set up all printers to use "__DEFAULT" as the host printer
ANSWER: A
A logical spool server mapped to the real spool server can solve this problem by adjusting output devices after importing them.
For example, logical spool server "logicalspooler" can be set up in the customizing, quality assurance and production systems; printers get assigned to this spool server and they get transported. Because "logicalspooler" exists on the target systems, there is no need to change anything after the transport is imported.
9. True or False? In order to read developer traces, you have to go the operating system, because SAP does not have a way to do this within the application.
a) True
b) False
ANSWER: B
False! SAP provides transaction ST11 for this purpose. ST11 can even sort the trace files by date and time.
10. How can the logon screen be modified to include informational text, such as the company name, address, the system role, etc.?
a) Run transaction SE61, create object ZLOGIN_SCREEN_INFO and enter the desired text.
b) Ask SAP to modify the logon screen for you.
c) Using a C or C++ recompile SAPGUI.exe with the new text.
ANSWER: A
As of SAP version 4.6, transaction SE61 can be used to create object ZLOGIN_SCREEN_INFO. Text and icons can be added to messages that can appear at the logon screen.
11. True or False? MS-SQL Server can be installed using all the delivered default settings. Everything is controlled within the application, so SAP requires only a database engine to work.
a) True
b) False
ANSWER: B
False! MS-SQL Server needs to be configured with binary sort order and 850 multilingual character set. Therefore, using all defaults during a SQL Server installation will not work. The SAP installation program will fail.
12. What SAP transaction can assist in detecting I/O bottlenecks?
a) ST22
b) ST06
c) OS06
d) ST10
ANSWER: B, C
Either ST06 or OS06 can monitor disk I/O. These transactions are very convenient, as you do not have to go to the OS level. On the other hand, tools at the OS level may offer a more detailed analysis (e.g. Performance Monitor in Windows).
13. What does transaction SPAM do?
a) It configures the system to block spam e-mail in the business workplace.
b) It defines and import support package queues.
c) It displays the support packages that have been imported into the system.
d) Nothing. It's not an SAP transaction.
ANSWER: B, C
Transaction SPAM not only lists the support packages that have been imported into the system, but it also defines queues of support packages that can be imported. It's also the transaction that carries out the import.
14. If an SAP instance does not start after making changes to the instance profile via RZ10, what is the best course of action?
a) Restore the database from the last full backup
b) Edit the profile at the operating system level and manually change it back to the way it was. Then, restart the instance and correct the problem via RZ10.
c) Copy the instance profile from a working system into the affected system. d) Log a trouble ticket at the SAP Support Portal
ANSWER: B
In an emergency, the best thing to do is to manually edit and correct the problem in the instance profile (located under usrsapsysprofile). After successfully restarting the instance run RZ10 and correct the problem there. Save and activate the profile. If possible restart the instance right away and make sure everything works. Otherwise, plan on keeping a close eye on the instance the next time it restarts.
Restoring the database from a full backup will erase all the work done since the backup ended to the moment the problem occurred. Copying the instance profile from another system is a bad idea. The profiles are unique and contain hard coded values. Logging a trouble ticket is not necessary unless you cannot absolutely bring the system back up.
15. Which of the following are possible ways to display the R/3 Kernel patch of a system?
a) Run SM51 and click Release Notes
b) Run disp+work version at the OS level
c) Run SPAM, choose Imported Support Packages and click Display
d) Run SQ01 and click Kernel Patches
ANSWER: A, B
Within SAP run SM51, click Release Notes, and then read the line that says "Kernel Patch number." At the OS level, change it to the:
usrsapsysexerun directory and run dispwork version or dispwork V
Also, look for the "kernel patch number" line.
Useful UNIX SAP Commands.
Basic UNIX commands
Note: not all of these are actually part of UNIX itself, and you may not find them on all UNIX machines. But they can all be used on turing in essentially the same way, by typing the command and hitting return. Note that some of these commands are different on non-Solaris machines - see SunOS differences.
If you've made a typo, the easiest thing to do is hit CTRL-u to cancel the whole line. But you can also edit the command line (see the guide to More UNIX).
UNIX is case-sensitive.
Files
ls --- lists your files
ls -l --- lists your files in 'long format', which contains lots of useful information, e.g. the exact size of the file, who owns the file and who has the right to look at it, and when it was last modified.
ls -a --- lists all files, including the ones whose filenames begin in a dot, which you do not always want to see.
There are many more options, for example to list files by size, by date, recursively etc.
more filename --- shows the first part of a file, just as much as will fit on one screen. Just hit the space bar to see more or q to quit. You can use /pattern to search for a pattern.
emacs filename --- is an editor that lets you create and edit a file. See the emacs page.
mv filename1 filename2 --- moves a file (i.e. gives it a different name, or moves it into a different directory (see below)
cp filename1 filename2 --- copies a file
rm filename --- removes a file. It is wise to use the option rm -i, which will ask you for confirmation before actually deleting anything. You can make this your default by making an alias in your .cshrc file.
diff filename1 filename2 --- compares files, and shows where they differ
wc filename --- tells you how many lines, words, and characters there are in a file
chmod options filename --- lets you change the read, write, and execute permissions on your files. The default is that only you can look at them and change them, but you may sometimes want to change these permissions. For example, chmod o+r filename will make the file readable for everyone, and chmod o-r filename will make it unreadable for others again. Note that for someone to be able to actually look at the file the directories it is in need to be at least executable. See help protection for more details.
File Compression
o gzip filename --- compresses files, so that they take up much less space. Usually text files compress to about half their original size, but it depends very much on the size of the file and the nature of the contents. There are other tools for this purpose, too (e.g. compress), but gzip usually gives the highest compression rate. Gzip produces files with the ending '.gz' appended to the original filename.
o gunzip filename --- uncompresses files compressed by gzip.
o gzcat filename --- lets you look at a gzipped file without actually having to gunzip it (same as gunzip -c). You can even print it directly, using gzcat filename | lpr
printing
o lpr filename --- print. Use the -P option to specify the printer name if you want to use a printer other than your default printer. For example, if you want to print double-sided, use 'lpr -Pvalkyr-d', or if you're at CSLI, you may want to use 'lpr -Pcord115-d'. See 'help printers' for more information about printers and their locations.
o lpq --- check out the printer queue, e.g. to get the number needed for removal, or to see how many other files will be printed before yours will come out
o lprm jobnumber --- remove something from the printer queue. You can find the job number by using lpq. Theoretically you also have to specify a printer name, but this isn't necessary as long as you use your default printer in the department.
o genscript --- converts plain text files into postscript for printing, and gives you some options for formatting. Consider making an alias like alias ecop 'genscript -2 -r \!* | lpr -h -Pvalkyr' to print two pages on one piece of paper.
o dvips filename --- print .dvi files (i.e. files produced by LaTeX). You can use dviselect to print only selected pages. See the LaTeX page for more information about how to save paper when printing drafts.
Directories
Directories, like folders on a Macintosh, are used to group files together in a hierarchical structure.
mkdir dirname --- make a new directory
cd dirname --- change directory. You basically 'go' to another directory, and you will see the files in that directory when you do 'ls'. You always start out in your 'home directory', and you can get back there by typing 'cd' without arguments. 'cd ..' will get you one level up from your current position. You don't have to walk along step by step - you can make big leaps or avoid walking around by specifying pathnames.
pwd --- tells you where you currently are.
Finding things
ff --- find files anywhere on the system. This can be extremely useful if you've forgotten in which directory you put a file, but do remember the name. In fact, if you use ff -p you don't even need the full name, just the beginning. This can also be useful for finding other things on the system, e.g. documentation.
grep string filename(s) --- looks for the string in the files. This can be useful a lot of purposes, e.g. finding the right file among many, figuring out which is the right version of something, and even doing serious corpus work. grep comes in several varieties (grep, egrep, and fgrep) and has a lot of very flexible options. Check out the man pages if this sounds good to you.
About other people
w --- tells you who's logged in, and what they're doing. Especially useful: the 'idle' part. This allows you to see whether they're actually sitting there typing away at their keyboards right at the moment.
who --- tells you who's logged on, and where they're coming from. Useful if you're looking for someone who's actually physically in the same building as you, or in some other particular location.
finger username --- gives you lots of information about that user, e.g. when they last read their mail and whether they're logged in. Often people put other practical information, such as phone numbers and addresses, in a file called .plan. This information is also displayed by 'finger'.
last -1 username --- tells you when the user last logged on and off and from where. Without any options, last will give you a list of everyone's logins.
talk username --- lets you have a (typed) conversation with another user
write username --- lets you exchange one-line messages with another user
elm --- lets you send e-mail messages to people around the world (and, of course, read them). It's not the only mailer you can use, but the one we recommend. See the elm page, and find out about the departmental mailing lists (which you can also find in /user/linguistics/helpfile).
About your (electronic) self
whoami --- returns your username. Sounds useless, but isn't. You may need to find out who it is who forgot to log out somewhere, and make sure you have logged out.
finger & .plan files
of course you can finger yourself, too. That can be useful e.g. as a quick check whether you got new mail. Try to create a useful .plan file soon. Look at other people's .plan files for ideas. The file needs to be readable for everyone in order to be visible through 'finger'. Do 'chmod a+r .plan' if necessary. You should realize that this information is accessible from anywhere in the world, not just to other people on turing.
passwd --- lets you change your password, which you should do regularly (at least once a year). See the LRB guide and/or look at help password.
ps -u yourusername --- lists your processes. Contains lots of information about them, including the process ID, which you need if you have to kill a process. Normally, when you have been kicked out of a dialin session or have otherwise managed to get yourself disconnected abruptly, this list will contain the processes you need to kill. Those may include the shell (tcsh or whatever you're using), and anything you were running, for example emacs or elm. Be careful not to kill your current shell - the one with the number closer to the one of the ps command you're currently running. But if it happens, don't panic. Just try again If you're using an X-display you may have to kill some X processes before you can start them again. These will show only when you use ps -efl, because they're root processes.
kill PID --- kills (ends) the processes with the ID you gave. This works only for your own processes, of course. Get the ID by using ps. If the process doesn't 'die' properly, use the option -9. But attempt without that option first, because it doesn't give the process a chance to finish possibly important business before dying. You may need to kill processes for example if your modem connection was interrupted and you didn't get logged out properly, which sometimes happens.
quota -v --- show what your disk quota is (i.e. how much space you have to store files), how much you're actually using, and in case you've exceeded your quota (which you'll be given an automatic warning about by the system) how much time you have left to sort them out (by deleting or gzipping some, or moving them to your own computer).
du filename --- shows the disk usage of the files and directories in filename (without argument the current directory is used). du -s gives only a total.
last yourusername --- lists your last logins. Can be a useful memory aid for when you were where, how long you've been working for, and keeping track of your phonebill if you're making a non-local phonecall for dialling in.
Connecting to the outside world
nn --- allows you to read news. It will first let you read the news local to turing, and then the remote news. If you want to read only the local or remote news, you can use nnl or nnr, respectively. To learn more about nn type nn, then \tty{:man}, then \tty{=.*}, then \tty, then hit the space bar to step through the manual. Or look at the man page. Or check out the hypertext nn FAQ - probably the easiest and most fun way to go.
rlogin hostname --- lets you connect to a remote host
telnet hostname --- also lets you connect to a remote host. Use rlogin whenever possible.
ftp hostname --- lets you download files from a remote host which is set up as an ftp-server. This is a common method for exchanging academic papers and drafts. If you need to make a paper of yours available in this way, you can (temporarily) put a copy in /user/ftp/pub/TMP. For more permanent solutions, ask Emma. The most important commands within ftp are get for getting files from the remote machine, and put for putting them there (mget and mput let you specify more than one file at once). Sounds straightforward, but be sure not to confuse the two, especially when your physical location doesn't correspond to the direction of the ftp connection you're making. ftp just overwrites files with the same filename. If you're transferring anything other than ASCII text, use binary mode.
lynx --- lets you browse the web from an ordinary terminal. Of course you can see only the text, not the pictures. You can type any URL as an argument to the G command. When you're doing this from any Stanford host you can leave out the .stanford.edu part of the URL when connecting to Stanford URLs. Type H at any time to learn more about lynx, and Q to exit.
Miscellaneous tools
webster word --- looks up the word in an electronic version of Webster's dictionary and returns the definition(s)
date --- shows the current date and time.
cal --- shows a calendar of the current month. Use e.g., 'cal 10 1995' to get that for October 95, or 'cal 1995' to get the whole year.
You can find out more about these commands by looking up their manpages:
man commandname --- shows you the manual page for the command
For further ways of obtaining help, look at the pages with electronic sources of information and non-electronic sources.
More UNIX commands
Back up to the Main Computing Page
The root Directory
Command ls / this command lists the root directory
[agustin@server2 agustin]$ ls /
bin/ boot/ dev/ etc/ home/ initrd/ lib/ mnt/ opt/
proc/ root/ sbin/ tmp/ usr/ var/
Throughout the decade, developers had tried to define standards for the file system hierarchy and for what each of these directories should be used for. But even with the efforts of all these people there are still variations among all distributions.
/ root directory of the entire system
/bin holds system executables
/sbin holds system executables and are essential for starting up the system
/boot holds the files needed during the booting process including the kernel
/dev it is a special directory that holds information regarding peripherals /dev/ttys0, /dev/had, etc.
/home holds all the home directories for all users except root
/lib holds system binary libraries, shared libraries and kernel module
/opt here is where optional applications might go
/root this is the home directory for super user, do not confuse this folder with /
/tmp Here is where temporary files are stored; it is usually emptied when systems restart.
/var is where variable system files go, system logging, file locks, printer Spooling, mail spooling and many others.
/etc This directory holds almost all configuration files. As administrator you will spending most of your time tweaking settings in this folder.
/initrd this directory is used at boot time, in the initrd to perform pivot_root
/mnt This directory is used as a mount point. Here you can temporarily mount medias such as CD-ROM, zip and other file systems. Example: /mnt/windows, /mnt/floppy, mnt/cd-rom
/proc this directory is used as a kernel information access hooks, example of usage:
[agustin@server2 proc]$cat cpuinfo
[agustin@server2 agustin]$cat filesystems
/usr It is a very large directory, holds application programs; it also has several important additional directories.
/usr/bin contains binaries executables
/usr/include This directory contains C headers with various libraries applications.
/usr/local application programs used locally
The Print working directory command: pwd
[agustin@server2 agustin]$ pwd
/home/agustin
[agustin@server2 agustin]$
The command whoami, displays who you are at the current prompt
[agustin@server2 agustin]$ whoami
agustin
[agustin@server2 agustin]$
If you want to know who is logged into the entire system use the who command
[agustin@server2 agustin]$ who
agustin vc/1 Aug 17 07:38
root vc/2 Aug 19 06:51
user1 vc/3 Aug 19 06:46
[agustin@server2 agustin]$
Switching from regular user to root
To gain root's power temporarily use: su
[agustin@server2 agustin]$ su
Password:******* (when you are typing the password, you can not see it)
[root@server2 agustin]# whoami
root
[root@server2 agustin]#
Observe your prompt, it has been changed. When you are in this mode you can do anything; be careful how you use the super user account. Protect the root account at all cost.
The root account is strictly used for system administration. Any regular user cannot do things that are strictly for root unless root grants the right to the user. -
No password sent in GRC10 notification for new users
Hi,
I have a strange problem in our GRC10 system.
We send email notifications to users on completion of user access requests after provisioning is complete. The notification contains the PROVISIONING variable, so new users should be notified of their initial password in the message. This works fine on tests against our development system. The email contains the user ID, the roles assigned, and the password information.
However when the same process is followed in our Production system, the notification only contains the user ID and roles provisioned - no sign of any password information.
We're currently running GRC 10.0 SP13. The plugins are all updated to the same level. We have the global provisioning configuration set OK, and all SAP Notes that appear to be related to the problem have been applied - but I still can't get emails to be displayed in the email notifications to new users.
Can anyone offer any hints or suggestions to try? I have even looked at password-related startup profile parameters as a last desperate straw. I found 4 differences in settings between our Dev and Prod systems. would theses cause an issue? the parameters were:
Dev Prod
login/min_password_digits 0 1
login/min_password_letters 0 1
login/password_downwards_compatibility 1 3
login/password_max_reset_valid N/A 30
That 4th parameter doesn't exist in our Dev profile.
please help - I'm desperate on this one...Hi Ian
I'm starting to run out of suggestions for you.I would probably put a trace on the RFC back to the GRC to see what the system user does. AS well as that check ST22, SM21 and SLG1 logs to see if any error. Already you've confirmed configuration and system match each other so it's down to data and security or program issue.
In using the trace, may be able to identify the function module/RFC and then do a consistency check on the code to make sure nothing out of the ordinary there. Depending on your background grabbing an ABAPer would help her.
Also, as it's your production system do you have multiple app servers and load balancing in play? It's one area where your DEV and PROD may vary. Possibly the password is "leaving" the plug-in but getting lost in the nether as it goes to your GRC. I'm taking a complete stab here and showing my deficiency in Basis and System Admin.
Otherwise, unless Marketplace has another correction not you probably need to raise an Incident.
Regards
Colleen -
It has no response when I try to login database. I cancel the login since I don't have any choices
SQL> connect apps/apps
^CERROR:
ORA-00604: error occurred at recursive SQL level 1
ORA-01013: user requested cancel of current operation
But it is ok if I login as dba role like"/ as sysdba"
Please advice,
AmyWhen did it last work for application users?
What changed?
Identify the faulty trigger & either fix or DROP it.
SQL> desc dba_objects
Name Null? Type
OWNER VARCHAR2(30)
OBJECT_NAME VARCHAR2(128)
SUBOBJECT_NAME VARCHAR2(30)
OBJECT_ID NUMBER
DATA_OBJECT_ID NUMBER
OBJECT_TYPE VARCHAR2(19)
CREATED DATE
LAST_DDL_TIME DATE
TIMESTAMP VARCHAR2(19)
STATUS VARCHAR2(7)
TEMPORARY VARCHAR2(1)
GENERATED VARCHAR2(1)
SECONDARY VARCHAR2(1)SELECT .... WHERE OBJECT_TYPE = 'TRIGGER' .... -
SSO requires double login for partner application
I'm having some trouble with SSO partner applications, when I login to a SSO protected application, the login works fine, but when I try to navigate to another application I'm presented with the login page again, the sso cookie seems to be working since clicking on the login button without entering the user credentials works. For example, I log in to portal and from there I navigate to a forms application that is on the same server and the same port (portal: https://apps.mydomain.com:4444/pls/portal --> forms: https://apps.mydomain.com/forms/frmservlet?config=app) I am presented with the login page and after clicking on the login button without entering any information everything works fine. This is happening for all the middle tiers that are connected to the same OID. Any ideas on what can be wrong on my configuration?
Hi Andrey,
The problem sounds really wierd.
Can you check your SSO settings for your Portal ECC system? I mean, please check the User Management/Administration properties in your System Adminstration of Portal System that points to ECC.
Regards
<i><b>Raja Sekhar</b></i> -
Partner application configuration is missing error on SSO login page
We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Following a link to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly, of course!) then the APEX application is shown. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on Metalink or anywhere else on the Internet. Any ideas? I'm concerned that we have a misconfiguration somewhere that is causing this error and will affect any other partner application we setup in the future.
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup on both infra and mid tiers.Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.
Maybe you are looking for
-
Open and Closed Time Outside of the 15 Minute Options
I have a 13 agent Call Center with one CSQ with Skills based routing. The Call Center closes at 8 pm on Weekdays and 12 pm on Saturday EST. The time of day function only allows me to choose 15 min increments for open and closed. So the Call Cente
-
I cannot open photoshop. It continues to quit unexpectedly
Hi, if i try to open photoshop i get the error ''photoshop quit unexpectedly''. I have the option to ignore, report or reopn. None of these allow me to open the program. I cant remember doing any software updates or adding any new programs. Could som
-
Dbms_scheduler - ORA-27301: system cannot find the file specified
Hi, I'm having problems running an executable job via dbms_scheduler. The invoking code reads: begin dbms_scheduler.create_job(job_name => "fred", job_type => "EXECUTABLE", job_action =
-
I tried to install Selenium IDE and I am getting the message: '''Selenium IDE Java formatter could not be installed because it is not compatible with Firefox 5.0''
-
MacBook Pro completely flat. Won't charge. Battery indication lights not working
My MacBook Pro late 2011 went flat through out the day, I left it open while I went out so it was working this morning. I come home to find it flat and unable to charge. When I plug the charger cable into my computer it faintly flashes from green to