cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NW ABAP change password (from initial) working in SAP GUI but not web?

Go to solution
Former Member

on ‎06-04-2015 11:29 AM

0 Kudos

Good day,

We've just noticed something on some of our DevTest SAP systems (AS ABAP, but different versions) which we hadn't noticed before and were wondering whether or not it was normal.

If we create a user (using "SU01") and assign them an initial password, when they log in through SAP GUI then they are prompted to change their password and the new password is set.  This is perfectly fine, exactly what we'd expect.

However, if a user with an initial password logs in to any web service (E.g. "/sap/bc/gui/its/webgui"), they're prompted to change the password but the new password is not accepted.  There's a message, something like "New password not allowed", and a "Continue" button; if the user clicks "Continue", they're taken to the web service page, logged in, as usual; however their password will have been deactivated, so once they've logged off, they cannot log back in.

That doesn't seem right ...  For a start, it's inconsistent with using SAP GUI ...

Is this expected behavior (E.g., a bug, something addressed by a SAP note, some configuration parameter we've forgotten to set somewhere, ...)?

Many thanks, and regards,

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎06-18-2015 6:16 PM
0 Kudos

Hey Tristram,

No that definitely isn't expected behavior.  The WEBGUI should do the same as the SAP PC GUI.

At least that's how ours works.  We've been on versions 7.31 and 7.40 for our various abap systems, and I've never seen the behavior you are talking about.  Also, when we were on 7.02 I never noticed the webgui perform like that.

What versions are you running?  that would help to know that.  and screenshots showing every you described.

NICK

Show replies
Show replies

Answers (4)

Answers (4)

jimguo
Advisor
Advisor
‎07-07-2015 10:17 AM
0 Kudos

Hi,

It looks like the issue described in note 2112577.

Thanks.

Jim

Show replies
Show replies
Former Member
‎07-02-2015 9:29 AM
0 Kudos

Many thanks for the helpful replies everybody.

As soon as I get a chance, I'll snapshot the error and include some version information.  I'll also try using the SM50 logon trace, and check out that other SCN thread.  Unfortunately I'm completely tied up in other things at the moment, and this (while mildly irritating) isn't top priority, so it may be a little while before I have the chance to do so though.

But again, many thanks everyone, and I'll update this thread as soon as I've had a chance to try your helpful suggestions.

Cheers,

Tris.

Show replies
Show replies
Bernhard_SAP
Employee
Employee
‎07-07-2015 10:32 AM
0 Kudos

Hi,

please check the value of parameter login/password_hash_algorithm as well. Indefinite behaviour at password changing may happen, if an incorrect value is used.....


Trap here:

the value of saltsize must be divisable  by 8.

Example for a vlaid value:

login/password_hash_algorithm = encoding=RFC2307, algorithm=iSSHA-384, iterations=7500, saltsize=96

Example for an invalid value:

login/password_hash_algorithm = encoding=RFC2307, algorithm=iSSHA-384, iterations=7500, saltsize=97



Reference notes: 2076925 , 991968

b.rgds, Bernhard

Former Member
‎07-02-2015 6:24 AM
0 Kudos

See if this helps:

https://scn.sap.com/thread/255587

Show replies
Show replies
cris_hansen
Advisor
Advisor
‎07-01-2015 8:41 PM
0 Kudos

Hi Tristam,

You can use the SM50 logon trace, as mentioned in SAP note 495911, to verify what is happening when you try to change the password via WEBGUI.

Regards,

Cris

Show replies
Show replies
Ask a Question