SAP Knowledge Base Article - Public

2974835 - System Logon Possible Without Changing the Initial Password

Symptom

When you click on the Cancel button before changing an initial password in the logon screen, you are redirected to the Home work center.

Environment

 SAP Business by Design

Reproducing the Issue

  1. Receive the access credentials as a new user
  2. Logon with the User ID and password provided
  3. The system requests to change the password
  4. Select the Cancel button
  5. The system automatically redirects to the Home work center

Cause

This system behavior is consistent with the security policy configuration's expected behavior. The Admin Password Change Enforcement is set to Ignore. Therefore  the user is able to logon, even after clicking the Cancel button.

The administrator can set an initial password for each user existing in the system. On the first logon of the user, the system requests to change the password which is otherwise known to the administrator.

The Admin Password Change Enforcement allows to ignore or to enforce the change of the initial logon password. The Admin Password Change Enforcement field is visible, if Password Logon Enabled is selected for a particular security policy.

If it is set to Ignore, a user will be prompted for the change of initial password, and after selecting Cancel, the user will be still allowed to log on to the system.

Resolution

To set up the security policy, follow the instructions in the Security Policies Quick Guide.

See Also

For more information, see the Security Policies Quick Guide.

Keywords

Anmeldung ohne Änderung Initialpasswort, initial password, user id, password, login, log-on, log-in, credentials , KBA , SRD-CC-CC , Control Centre , Problem

Product

SAP Business ByDesign all versions