on 04-18-2014 5:04 PM
With the indexserver.ini file, you can overwrite default system settings, such as the ones defined for the password policy. In my case, I have
[password policy]
last_used_passwords = 0
maximum_password_lifetime = 0
force_first_password_change = false
According to M_PASSWORD_POLICY - SAP HANA SQL and System Views References - SAP Library this has a value in days, but it does not tell you what the edge cases are. Does 0 mean the password is not good at all? Does it mean its good up to just shy of 1 day? Or, what I am trying to achieve, does this mean that the password is valid forever? Or, would valid forever be indicated by a negative number or some string?
An answer would be great, but a reference to a document defining these situations with the password policy would be preferred!
Thanks,
Kevin
Maximum Password Lifetime:
"The number of days after which a user's initial password (or any password set by a user administrator) expires if the user has not logged on
You must enter a value of at least 1.
A user administrator exclude users from this password check with the following SQL statement: ALTER USER <user_name> DISABLE PASSWORD LIFETIME. However, this is recommended only for technical users only, not database users that correspond to real people.
A user administrator can re-enable the password lifetime check for a user with the following SQL statement: ALTER USER <user_name> ENABLE PASSWORD LIFETIME."
(see: http://help.sap.com/hana/SAP_HANA_Administration_Guide_en.pdf)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Johannes,
sorry for disturbing the peace of an old thread, but it is related and you seem to be knowledgeable about this thing
I would like to list users that are excluded from the password check as achieved with this DISABLE PASSWORD LIFETIME. Where can I find the flag in the tables please?
cheers Otto
User | Count |
---|---|
76 | |
9 | |
8 | |
7 | |
6 | |
5 | |
5 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.