Skip to Content
author's profile photo Former Member
Former Member

RZ parameter ( login/password_max_idle_productive ) on selective users?

Hi all,

I have an inquiry with regards to the rz10 parameter login/password_max_idle_productive .

Currently, I have setup this parameter such that users that is idle for 30days will be automatically locked.

My inquiry is that could I setup SAP system such that certain users will be omitted from the parameter above?

Example, users with admin privileges will not have the need to sign in at least once every 30days just to ensure that his/her id is not idle.

Thank you.

Regards.

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on Dec 16, 2008 at 08:06 AM

    I am pretty sure that is not intended to be possible...

    Perhaps you want to consider re-interpreting the meaning of the parameter to be "Number of days of idle productive password after it should have been changed" and then set the value to be 30 days greater than the validity parameter.

    This is also mentioned in the documentation in RZ11 if I remember correctly.

    Cheers,

    Julius

    Add a comment
    10|10000 characters needed characters exceeded

    • >

      > Ya, We are running on mutliple platform, naming Oracle email system and Windows active directory.

      > However, for these platforms, it is generally controlled by AD inwhich there is group policies to assist.

      >

      > As such, I was trying to follow the concept (locks if no actions is detected after predefine period) enforced from AD as even our AD and other applications receives delay (sometime missing) updates from our HR dept.

      Well, as I wrote: that's the task of an Identity Management system.

      The NWAS ABAP does (currently) not support multiple security policies - only one. So, it's not possible to implement what you are looking for (w/o using an IdM).

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.