/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
IAS is enabled but user have locked account status in SuccessFactors, even if in IAS the user account are active.
“Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.”
Environment
SAP SuccessFactors HCM Suite
Reproducing the Issue
This specific issue comes from the scenario outlined in this help guide.
In this scenario, you have an SAP SuccessFactors instance integrated with Identity Authentication. In the SAP SuccessFactors instance there are users that log on with username and password (also known as password or non-sso users). The source system opportunity gives the possibility these users to be migrated and to use Identity Authentication without the need to change the passwords that they already have. The password of each SAP SuccessFactors user is migrated once only during his or her first successful logon after the configuration of the source system scenario in Identity Authentication. After that the user passwords are managed by Identity Authentication.
The first logon after the migration must be with a username and password. After this first successful logon, the user can use any other allowed logon identifier
With this scenario if the user does not know their password and so tries to login through IAS for this first time login with the incorrect password - it will lead to the users account getting locked in SuccessFactors.
Cause
Expected system behavior > user account is locked in SF due to too many failed login attempts using the SF credentials
**Note - this is only specific to scenario outlined above and from this help guide
Resolution
To avoid account getting locked, if end-user not sure about their old password in SF, end-users can just use Forgot Password to reset new password for the first login in IAS
However once their account is already locked in SuccessFactors - it must be unlocked by an Admin using the Reset User Account tool - see KBA - 2086751 - How to Unlock a User Who Has Been Locked Out - SuccessFactors
**Internal Note for support, please review internal note on how to confirm/investigate this type of user account locked
See Also
- Configure Authentication Provider To Migrate User Passwords from SAP SuccessFactors Systems to Identity Authentication
- KBA - 2086751 - How to Unlock a User Who Has Been Locked Out - SuccessFactors
Keywords
IAS, User Account is locked, SuccessFactors user account locked, locked , KBA , LOD-SF-PLT-PWD , Password Policy Settings & Reset Password , Problem
Product
Attachments
| image.png |
| Pasted image.png |
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)