Question:
Dear All,
We are upgrading our 4.0B to 4.7 Enterprise version.Just for the matter of security i wanted to know whether there is any password ageing parameter that can be set in R/3 4.7 Enterprise version.
Please help me out .
Regards,
SReejesh.
Email id kksreejesh@nerolac.com
Answer:
check out this like for some info:
/forums/viewtopic.php?t=112272
Answer:
New from 4.0B are the parameters:
login/password_max_new_valid
login/password_max_reset_valid
These determine how many days a new or reset password is valid. Note that you need to be at a specific patch level, as these require an extra field in a table (Believe it's in USR02). I can't remember the patch level you need. But if you are below that, you cannot reset passwords that has expired. I learned that the hard way!
Answer:
New from 4.0B are the parameters:
login/password_max_new_valid
login/password_max_reset_valid
These determine how many days a new or reset password is valid. Note that you need to be at a specific patch level, as these require an extra field in a table (Believe it's in USR02).
They may require a specigic kernel patch on 4.0 systems, but certainly not on 4.6 or 4.7 systems.
And: a new kernel patch will never add a field to an ABAP dictionary table.
Answer:
I beg to differ...
Have a look at OSS note 450452
Answer:
They may require a specific kernel patch on 4.0 systems, but certainly not on 4.6 or 4.7 systems.
Sorry, but Henrik is right:
SAP note 379081, "Optional deactivation of the password logon":
"Kernel prerequisites (as of kernel 6.10 in the standard):
4.6x: 4.6D kernel as of patch level 439"
And: a new kernel patch will never add a field to an ABAP dictionary table.
Correct!
SAP note 450452, "Expired passwords cannot be reset":
"Solution
Unfortunately, the missing date stamp (=> new database field) cannot be delivered by a correction because a combined ABAP and kernel correction is required for this, in which case you must ensure that the kernel change is made before the ABAP change.
If the ABAP change were made before the kernel change, this would have the serious consequence that you would no longer be able to log on."
Have fun,
Marc