Users getting forced to change password at least twice when expired

Similar Messages

• Com.sap.db.jdbc.exceptions.JDBCDriverException:user is forced to change password

  Hi all
  I am trying to connect hana using jdbc code
  here is my code
            Class.forName("com.sap.db.jdbc.Driver");
              String url = "jdbc:sap://host:30015/?";
              String user = "Mujadid";
              String password = "Cloud123";
              System.out.println("try to connect to HANA !");
              Connection cn = java.sql.DriverManager.getConnection(url, user, password);
              System.out.println("Connection to HANA successful!");
              ResultSet rs = cn.createStatement().executeQuery("select * from _SYS_STATISTICS.STATISTICS_ALERTS");
              rs.next();
              System.out.println(rs.getString(1));
  I am facing following exception
  com.sap.db.jdbc.exceptions.JDBCDriverException: SAP DBTech JDBC: [414]: user is forced to change password: alter password required for user MUJADID
    at com.sap.db.jdbc.exceptions.SQLExceptionSapDB.createException(SQLExceptionSapDB.java:345)
  Any suggestion?

  Hi Mathan!
  now above error is esolved
  But i m facing following error when i try to read connections table from live2 schema
  com.sap.db.jdbc.exceptions.JDBCDriverException: SAP DBTech JDBC: [259] (at 20): invalid table name:  Could not find table/view CONNECTIONS in schema LIVE2
  and this table exist in LIVE2 schema
  Any suggestion?

• User forced to change password on 1st login

  Hi,
  I have created users on ACS local database and assigned password to the account.
  Is it possible user changes the password on his 1st login ( user is forced to change password on 1st login ), I couldnt see this option on ACS version 4.0

  Hi Ronald,
  Please see link below
  http://tinyurl.com/qurqm9
  Under this documentation look for Password Aging Rules.
  The reason you are unable to see 1st time password change is because by default it is disable, please look for this option click Interface Configuration: Advanced Options: Group-Level Password Aging.
  If you have any question do not hesitate to contact me.

• Windows 7 Expired Password - Recvd Warning prompts but not forced to change password

  Our Windows 7 users are prompted when their passwords will expire in 14 Days, however They are not forced to change thier password before it expires. If the users ignore the expiration warning they can only get logged into the network after having the helpdesk
  reset thier password.
  Is there a way to force Windows 7 users to change thier passwords on the day it expires. Our WinXP users get the 14 day warning and are forced to change thier passwords on day 14.
  I have the GPO configured to notifiy users when thier passwords will expire in 14 days
  Thank you,
  Glen

  Hi,
  After applying above settings, the user can change the password by default at the expire day. Please create a new domain profile and test the issue on several Windows
  7 machines. Can the user be enforced to change password at expire day? If not, please refer to the following steps to collect the information for research.
  1. On the DC, open GPMC, right-click Group Policy Results, choose Group Policy Results Wizard, follow the wizard to collect a Group Policy result for problematic
  Windows 7 client.
  2. On the Windows 7 machine where GPO failed to apply, please perform the following steps to collect log files:
  a) Please add the specified registry key to enable group policy log (%windir%\debug\usermode\gpsvc.log), and remove or rename it to disable group policy log after
  collecting data. You may need to create the Diagnostics key if it is not there.
  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics
  Type: DWORD
  Value: GPSvcDebugLevel
  Data: 0x30002 (hexadecimal)
  b) Then on the problematic Win7 machine, run command “gpupdate /force”.
  c) Then on the problematic Win7 machine, run command “gpresult /v > gpr_win7.txt”, send me gpr_win7.txt file.
  d) On the problematic Win7 machine, run command “eventvwr”, then expand to Applications and service logs -> Microsoft -> windows -> groupPolicy
  -> Operational. Right-click on it and click “save event as”. Save the file as .evtx format and send it to me.
  e) After that, please send me the above output files. (please zip them first and then send them to me).
  - %windir%\debug\usermode\gpsvc.log
  - gpr_win7.txt
  - win7.evtx
  Please use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the GPMC
  result and the zip files, and then give us the download address.
  Thanks,
  Novak
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

• Error when forced to change password

  Hello,
  We are running W7 Embedded Standard edition.  We have a unit where the user if forced to change their password but get the error message "configuration information could not be read from the domain controller, either because the machine is unavailable,
  or access has been denied".  It is a standalone PC.  To rebuild will require a huge effort. This is the only active account on the PC.  The Administrator and guest accounts are disabled.  Any suggestions on how to get around this ?

   If FBWF or EWF is in the image, disable them and the try changing the password. Also, make sure the user didn't attached the machine to a domain.
  Changing local account policy so passwords never time out. You can create a custom security policy template that installs with the OS that disables password timeout.
  www.annabooks.com / www.seanliming.com / Book Author - Pro Guide to WE8S, Pro Guide to WES 7, Pro Guide to POS for .NET

• Communication user is not requested change password

  Hi
  We have set a general rule, that users must change password every 90 days (login/password_expiration_time). We have now had a communication user in the system for more than 5 months, and the password is still not expired.
  How can this be? Shouldn't communication users be forced to change the password?
  In table USR02 I can see a field XUPWDSTATE - "Password Change Mandatory / Optional (See Domain XUPWDSTATE)", but I can't find any documentation on this field. The values are 0,1,254,255. Does anybody know what these values mean and how/when they are set.
  Thank you for your help.
  Regards, Morten

  >
  Morten Ellgaard wrote:
  > Hi
  >
  > We have set a general rule, that users must change password every 90 days (login/password_expiration_time). We have now had a communication user in the system for more than 5 months, and the password is still not expired.
  >
  > How can this be? Shouldn't communication users be forced to change the password?
  >
  > In table USR02 I can see a field XUPWDSTATE - "Password Change Mandatory / Optional (See Domain XUPWDSTATE)", but I can't find any documentation on this field. The values are 0,1,254,255. Does anybody know what these values mean and how/when they are set.
  >
  > Thank you for your help.
  >
  > Regards, Morten
  Well, that's a common misunderstanding:
  accounts of type "COMMUNICATION user" are subject of password expiration - however the password change requirement is not enforced (since the server cannot interact with the user). Actually that's not mainly caused by the user type but by the communication protocol being used: RFC and HTTP allow both, interactive and non-interactive system usage. Only the DIAG protocol (used by SAPGUI) ensures that an interaction with the user is possible - and in this case the system is enforcing a password change (when required).
  Note 622464 provides an overview on the user types and the ability / requirement to change passwords (and other impacts).
  Side-remark: modifying the USR02 field would not have any impact on the password change handling (beside the fact that such direct table manipulations are risky and strongly discouraged).
  As reported by other SDN community members (and stated in note 320991, quite at the end) there are some profile parameters that will cause RFC and HTTP based logon to fail for passwords which are expired / initial. Setting those profile parameters will result in a downwards-incompatible system behavior - for this reason the default setting is "off".
  Indeed, if you intend to use "technical accounts" for (automated) system-to-system communication, then kindly use the user type "SYSTEM". In that case, the password is neither "expired" nor "initial" - no password change is required nor can it be performed by the SYSTEM user itself. Only an user administrator can set a new password (in systems as of NWAS 7.0: even a downwards-compatible one - despite the password policy, see notes referenced by note 622464).

• Each time I attempt to fix email address, I get info to change password

  I am a new ipad 2 user, I entered my email address incorrectly, does not match ipod touch. how can I correct this? when I try I get info on changing password

  I'd think you have a Keychain problem (Keychain storing passwords and the likes).
  When you are being asked, are you offered the checkbox, "Remember this password in my Keychain"? If so, check and see if it stops asking.

• How can I give an user the right to change passwords

  I'm still absolute server beginner, so I have to ask here.
  How can I give users the right to change passwords or to view calendars?
  I didn't find it, yet.
  I've found an option to change rights, when I click on the user with two fingers (right mouse button). But all options in this menue are grey.

  Hi Holger,
  These are two fundamentally different issues. I'll try to address them each. For both you will need to have OpenDirectory set up (see the Users Next Steps list in the Server app). Once that is done. Additionally you will need the Server Admin Tools 10.7. Once you have them installed, you can specify the OpenDirectory password requirements for users
  User Passwords in OpenDirectory
  On the server, open Server Admin app.
  Connect to you server, then click on the OpenDirectory service.
  Click on the Settings icon.
  Click on the Policies tab.
  Click on the Passwords sub-tab, and you can set all the criteria for password requirements here.
  Resetting Passwords
  Users must log in as network users on the client computer.
  Once logged in, to change the password, open System Preferences.
  Click on Users & Groups.
  The user icon will be a silhouette with stars in the background. This means it is a network user. Click on the Password tab at the top.
  Click the Change Password ... button to change the password.
  Calendars in iCal are much like RSS feeds: users need to subscribe to them, like we discussed in our other posting. Network users will automatically be given a network iCal calendar, and will be automatically subscribed to it. However, if you want to automatically add subscribed calendars to network user's accounts, you will need to use ProfileManager.
  On the server, open Server app.
  Click on the Profile Manager menu item.
  Make sure that iCal service is running (green indicator next to it). Click on the "Include configuration for services: ...". Make sure the iCal icon is listed there.
  Click the "Sign configuration profiles" checkbox.
  Turn Profile Manager on.
  Once Profile Manager has loaded (the gear at the bottom right will no longer be spinning), go ahead and click the Open Profile Manager link.
  Log into Profile Manager as your directory admin user.
  Click on the Groups menu item to give all users of a specific group access to the wiki calendar. This is best if you have a wiki for a group and want to share that calendar. Use the Everyone group to add this calendar for all users.
  Click on Users to give access to only specific users.
  Edit the profile for the group(s) or user(s) you selected by highlighting that group and clicking the edit button.
  Scroll down and select the CalDav item on the left.
  Click configure. Here you will need to enter the specific details for that callendar based on the subscription details you get when subscribing to the calendar via the wiki.
  After all that you still need to configure each client computer to be set up for profile management, which really is a topic of its own. I recommend the following tutorials:
  Installing OS X Lion Server
  OS X Lion Server Administration Tool Tour
  Setting Up Profile Manager on OS X Lion Server
  Using Profile Manager on OS X Lion Server
  Hope this helps, good luck!
  ~Mike

• Using Jackrabbit User Manager programmatically for changing passwords and getting user data.

  I am trying to do a change password request using the Jackrabbit User Manager with the REST URL /system/userManager/user/<username>.changePassword.json.  The problem I am having is that this request requires an oldPwd form param in the request.  The issue is that when I am trying to do this request it is in response to the user selecting "Forgot Password" so our logic has created a random password which we then email to the user so they can use that the next time they want to login.  We need to change that user's password in CRX so they can log in using it next time.  Since they haven't logged in there is no session, NOT the problem.  THE PROBLEMS, I don't know 1. how to use the userManager to get that user's old password, since /system/userManager/user/<username>.json doesn't appear to return the password and 2. if I could get the old password it most certainly will be encoded, some how, so I will need some decoding algorithm to pass it through in order to get the actual password to set as the oldPwd form param to my change password request.  Please let me know if you require any further explanation.  Any assistance would be greatly appreciated.  Thank you, in advance, for your assistance.
  Sincerely,
  Mike Sucena
  [email protected]

  Hi Mike,
  msucena wrote:
  Justin:
  Does your response mean that until version 2.1.2 of Jackrabbit User Manager is released I cannot change the password without knowing the old password?
  No. It means that this feature is not available in version 2.1.0 of the Sling Jackrabbit User Manager bundle. It was added after that release. You have a number of options:
  Build the bundle from source.
  Use one of the SNAPSHOT bundles available from the Apache Snapshots repository.
  Use the release which is being voted upon now (https://repository.apache.org/content/repositories/orgapachesling-175/org/apache/sling/org .apache.sling.jcr.jackrabbit.usermanager/2.2.0/). (Note - we decided to use 2.2.0 as the version number rather than 2.1.2 as originally planned due to the scope of this release).
  Write a different servlet which performs the same actions.
  Meaning that being able to use either the credentials of the "Admin" user or using the credentials of a member of the "UserAdmin" group is not supported in the current released version 2.1.0?
  Correct. It was added after the 2.1.0 release.
    If I currently need the old password is there any Sling REST - Jackrabbit API call I can use in order to get the old password since using /system/userManager/user/<username>.json doesn't appear to return the password?
  -Mike
  The plain text password is not stored. And this should be considered a good thing.
  If you have questions about the development process we follow in Sling (or at Apache as a whole), by all means ask on the Sling users mailing list. It is reasonably well-established and we love to talk about it.

• R/3 Users of Type system Change Passwords

  Hi,
  I have the following scenario, I have users from R/3 that can access portals, but i don't want them to access from dialog in R/3. I created them of type user "B" as "system users".
  How can i change the passwords of them in portals, like a service for "changing passwords" or "forgot passwords"?
  Should i created them as other type? But the others types can access dialog?
  regards,
       Cesar Felce

  Hi GLM,
      I don't want to disable the passwords, i just want them to be able to change their passwords from the portal.
      Let me explain my scenario again, I have many students that have a R/3 user account, but they only use sap from a WD4A applications so thay can update personal data and so on. The thing is thay they are users in R/3 of type system, because i don't want them to be able to enter form SAPGUI, but they can't change their passwords.
    Student -> enter portals -> change password.
    Student -> enter SAPGUI -> can't access. 
    We have the single sign on.
    thanks for the help,
        Cesar Felce

• User not able to Change Password in Webaccess

  We are running GroupWise 7.0.3 HP3. We have one user who is not able to change her password in Webaccess. Whenever she tries, she get the following error message in Webaccess
  Ldap Password Change Failed. Contact your system administrator.
  When I look at the POA screen on the server, I see the following error message.
  LDAP Error: 53.
  Her account is not disabled, expired or locked. I get the same error message when the account has an unlimited number of network aconnections.
  If I change the password in ConsoleOne and log into the account, I get prompted change my password because it has expired.
  Thanks

  n,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• When try to download apps from ipod keep getting error 1004, change password 2 days ago dont know if that why problem occur can someone help

  When try ti down load apps from Ipod keep getting error 1004 how can I download ?

  http://support.apple.com/kb/TS3694#error1004
  There have been some problems accessing pages on the Apple web site.  If the hyperlink gives you a "We're sorry" message, try again.

• User Exit/Badi - To change the status of Quotation when fully referenced

  Hi all,
  In the present scenario the quotation is geting completed once it is fully referenced irrespective of whether the refenced quantity in Sales order is rejected or delivered. But I need to to mark the quotation completed only when the referenced quantity is not rejected.
  Ex: Say I have a quotaion 1000001 having a material XYZ with quantity 9. Now I have created a sales order referring to the quotaion with same quantity and rejected it. Now my quotation is getting completed. But I dont want that.
  I want the quotation to be completed only if the quantity in salesorder is not rejcted
  Can anyone help me with pointers to solve this.
  Thanks,
  Aravind

  I think you're seeing standard SAP behavior.  However, a discussion with your SD/LE functional team member might be beneficial. Personally, I don't think SAP supplies a way to "add back" to that quote.  However, you might develop something that changes the quantity on the quote (essentially adds to the original quantity), based on the fact that a SO line got rejected.

• User Exit/Badi to change the billing plan date when create sale order

  Experts,
  Please advise which user exit/badi can be used to change the billing plan date wen create sale order.
  My requriement is based on some rules to dynamically change the line item billing plan start date and end date when create sales order.
  I tried some user eixt in MV45AFZZ, but the date got revert to the orginal date from billing plan.

  Hi,
    check the include MV45AFZB.
  Thanks & Regards,
  Sateesh.

• I am having trouble editing track names and information in my Itunes library.  Help center says click on selected track, click on file, click on get info, make changes, and press save.  When I get to get info, it won't let me change anything. Help??

  How do I edit track names and information in my I-tunes library?  I followed the Help Center instructions, but it will not let me change anything.  Can someone tell me what I'm doing wrong?

  Those symptoms usually indicate a permissions problem. See Repair security permissions for iTunes for Windows for advice.
  tt2