We want to use the SAPJSF user in order to use Logon Help: User Requests Password Reset in Portal.
Which role should the user have in order to send the e-mails? If SAP_ALL is assigned then it works (tested in dev), but we want of course to minimize the needed authorizations for production.
Solution:
If you want to make changes to user data in the back end using the UME, you must assign the SAP_BC_JSF_COMMUNICATION role to the communication user.
This role is delivered without a profile, so that it must first be generated (Transaction SUPC).
SLDDSUSER gets locked by user SAPJSF
I have a system where the user "SLDDSUSER" keeps getting locked each hour.
According to the system log SAPJSF locks the user.
I tried some things out to prevent this from happening again.
I synchronized all RZ70 and SLDAPICUST settings in all the systems to make sure there isn't a wrong password of user SLDDSUSER anywhere. It did not fix the issue.
I checked the SAPJSF security roles/profile, seems to be ok.
Solution:
In the SLDAPICUST tcode, make sure you are highlighting the entire password field and deleting it (even though the asterisks won't disappear). Then type the correct/new one in. This is a UI bug where people think they can change a password by simply typing it in, not realizing that the old one is either being partially overwritten or appended to the end.
Automatically change the password and block user
I have a strange problem, I have start the part java, but, when takes some time, AUTOMATICALLY change the password J2EE_ADMIN and SAPJSF and block the user SAPJSF, so, it doesn´t work the portal and I have to change the password and unlock the SAPJSF, why?
Solution:
You may create another communication user as a copy of SAPJSF but having a different name. Use only the newly created user and block SAPJSF. The application that changes his password will lock an exception somewhere - either on ABAP side or on J2EE side.
1 Comments
Creative writing ⅽÉ‘n be Optimized for Search Engines.
ReplyDelete