on 11-19-2020 7:02 PM
Hello all,
Is is possible to exclude technical users created in CCOM from the password expiration? Being a technical user I think being forced to update passwords regularly is actually more of an obstacle than a help to keep the system secure.
Or are there any other "best practices" we should be aware of?
Thanks in advance,
Joerg.
Hello arti3000, kfrick,
I have submitted IR 257985 for this improvement of the technical user.
Thanks and best regards,
Joerg.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello joerg.ceo
I do see it the same as you. The configurable password policies or policy assignments are not sufficiently solved. It should be possible to add policies AND assign a policy to a user or user role.
From my point of view today you just can configure in one policy the value of "Maximum validity of password" to -1 and assign this policy to all users....
Best Regards
Klaus
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
you can create multiple policies in transaction SECPOL and assign the policy to the users very flexible.
Similar question raised up some days ago. Have a look here.
However, I am not familiar with "CCOM", so maybe this does not fit....?
Hello Arne,
I have set all password policies to -1 expiration days and that does take care of the issue.
But what I'm unsure of is how to associate a specific password policy with a specific user? I can't seem to identify the right relation (there is only a "default policy for users" and "default policy for loyalty users" setting that I could identify. And creating a "technical user" should (IMO) trigger an automatic non-expiration setting for that user specifically (as well a no-login policy, too). But currently neither of that happens...
What I believe is there should be a little more guidance in the documentation about how to properly set up technical users. Unfortunately the documentation is very "this field means that" and not very "to achieve this, set these options", which would be more helpful...
Thanks!
Joerg.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Joerg, can't you create a new password policy group where you set the expiration days to "-1" and only assign technical users to this group?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
5 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.