I have a question, on which I would appreciate any input (I just give the facts, and would appreciate any comments):
A policy is in place and implemented in SAP (slightly different releases, but all BW's).
Dialog users with new initial passwords are locked very soon if idle.
Dialog users with reset initial passwords are locked very soon if idle.
Dialog users with idle login habits but not initial passwords, are locked (account) after 60 days of inactivity (automatic... and company policy!).
The reason for the policy is that users are mostly decentral, but the systems are not. Users are required to logon to the BW'a every 3 months (quarterly!) to enter plan data.
So.... (the "mime in a forest" happens...) which is what the policy intended to prevent...
The users can be identified and placed in a user group (S_USER_GRP) and there is no decentral user administration in the BW's.
Question: Why not exempt those quarterly planners from the "global" 60 day idle user lock rule?
Any experiences or opinions would be appreciated.