Administrator

Enabling Production-Ready Administrator Authentication

Authenticating administrators is always performed by SAP Mobile Platform Server. Management Cockpit automatically delegates administrator authentication to the providers that are configured for the Admin security profile.

Context

SAP Mobile Platform Server supports two administration roles:
  • Administrator – full access.
  • Helpdesk – read-only access.

Initially, the Admin security profile has just one authentication provider, System Login (Admin Only), populated with a user name and password that were provided during installation. This user is meant to be temporary to enable initial use of Management Cockpit. To make the Admin security profile production-ready, log in using the administrator credentials defined in the installer, and replace the System Login (Admin Only) authentication provider with production-ready providers.

The System Login (Admin Only) provider does not enforce password strength or change policies that are typically in place for a production environment. Therefore, substitute the System Login (Admin Only) provider with an authentication provider that is suitable for a production environment. Subsequent logins are performed with user credentials that are assigned to the Administrator and Helpdesk roles.

SAP recommends that you restrict the use of the Admin security profile to administration authentication only.