Start of Content Area

Function documentation Passwords in SAP MI  Locate the document in its SAP Library structure

Use

To use SAP MI on the mobile device, the user requires either one or both of the following passwords (depending on the configuration):

     A local password to log on to the client offline

     A synchronization password to log on to the server online (password for the SAP Web AS)

Logon Password

Depending on the configuration, either the user must log on to the mobile device with SAP MI locally or the authentication with the operating system is sufficient to start SAP MI.

Note

The local logon cannot be deactivated on a mobile device that has multiple users.

If the client is configured in such a way that the user must enter the local logon password, and if the user then forgets this password, he or she can reset it (providing this option has been activated in the configuration). To do this, the user requires an online connection to the server.

The administrator can configure the client to limit the number of failed logon attempts.

Synchronization Password

Depending on the configuration, users must enter the synchronization password for each synchronization (default), once per logon, or never.

If the password must be entered once per logon, users are requested to enter the synchronization password when they synchronize for the first time. With JSP clients, the administrator can configure the client in such a way that the user has to enter the synchronization password when logging on to the client.

Activities

The administrator can configure the following:

     How to handle the password, using the parameter MobileEngine.Security.SynchronizationPasswordHandlingOption,

     Whether the users can enter the synchronization password when logging on to the client (using the parameter MobileEngine.Security.SyncPasswordFieldAtLogon (applies to JSP clients only)

Prerequisite is that the password must be entered once per logon (parameter MobileEngine.Security.SynchronizationPasswordHandlingOption=once) and that time-driven synchronization is used (parameter MobileEngine.Sync.TimedSyncActive=true).

     Whether the user has to enter the local logon password (using the parameter MobileEngine.Security.BypassLocalLogonPassword)

To bypass the local password, the mobile device concerned must be used by one user only (parameter MobileEngine.UM.SingleUserMode=true) and the synchronization password must be entered (parameter MobileEngine.Security.SynchronizationPasswordHandlingOption=once or =atSync).

     Whether the user can reset the local logon password (using the parameter MobileEngine.Security.ResetLocalLogonPassword)

     Whether the number of permitted failed logon attempts is limited to a certain amount (using the parameter MobileEngine.Security.AllowedLogonFailuresUntilUserLock)

The users can change the passwords in SAP MI and reset them (depending on the configuration). The synchronization password can only be changed if there is a connection to the server. This is possible either when the password is entered or with password administration. The options and procedures depend on the configuration.

See also:

For more information on how to define parameters and using parameters to configure the behavior of the password, see Parameters in MobileEngine.config.

For more information about passwords changes made by the user, see Changing Passwords.

For information about using Single Sign-On, see Setting Up Single Sign-On on the Mobile Device.

For relevant information in the Security Guide, see User Administration and Authentication.

For more information on configuring the reset option, see Configuring Reset Option for Logon Password.

For more information on configuring the bypass option, see Configuring Bypass Option for Logon Password.

 

End of Content Area