3075533 - Login parameters (login/*) not effective with Security Policies

Symptom

You have define a login/* parameter - for example login/password_change_for_SSO = <desired value> in the DEFAULT profile. The parameter effect is not happening.

You possibly make use of Security Policies (or would like to know if you are using it).

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

The transaction RZ11 shows that the current value is the expected for such parameter, and the source is shown either as a Dynamic Switching or the Default/Instance Profiles.

On transaction SECPOL, security policies may be found.

Users showing such symptoms, on SU01 "Logon Data" tab have their "Security Policy" field not empty - it points to one of the Security Policies defined in SECPOL.

Product

SAP NetWeaver Application Server for ABAP all versions

Keywords

SECPOL, Security Policy, PASSWORD_CHANGE_FOR_SSO, login/*, login, profile parameter, login parameter, login profile parameter, login restrictions, profile groups, password policies , KBA , BC-SEC-POL , Security Policies for ABAP , BC-SEC-LGN , Authentication , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.