These properties enable you to define the security policies for logon IDs and passwords in the user management engine (UME). If you use ABAP user management as a data source, the system ignores these values in most cases. For more information about the security policy, see Security Policy.
Security Policy Properties of the UME
Property |
Value |
Description |
ume.logon.security_policy. |
Default value is 60. 0 = Deactivate this option. The user remains locked. |
Number of minutes before the system unlocks a logon ID after a series of failed logon attempts. |
ume.logon.security_policy |
Default value is FALSE. |
Determines if the system checks passwords against the security policy during password logon and requires users to change their password if it no longer meets the current policy. |
ume.logon.security_policy. |
Default value is 6. Possible values: 0 to 9999 0 = Infinite number of failed logon attempts allowed. |
Number of failed logon attempts before user is locked. This is automatically set to 0 if you have a combined SAP NetWeaver Application Server (AS) Java and AS ABAP installation. |
ume.logon.security_policy. |
|
See Security Audit. |
ume.logon.security_policy. |
|
See Security Audit. |
ume.logon.security_policy. |
Default value is FALSE. |
Defines whether old password can be part of new password. The UME checks the old and new password against each other when the user attempts to change the password. |
ume.logon.security_policy. |
Default value is 1. |
Minimum number of alphabetic and numeric characters in passwords. For example if the property is set to 3, passwords must contain at least 3 letters and at least 3 numbers. |
ume.logon.security_policy. |
Default value is TRUE. |
Determines if user passwords can be changed. We recommend you leave this property set to TRUE. You need this property for self-management of passwords. When FALSE, only an administrator (a user with change rights for users) can change a user’s password. A user, whose password has expired, cannot change it. An administrator must reset it.
You can set this property to FALSE, when you have a directory server as the data source and you do not perform password management with SAP NetWeaver or the portal. |
ume.logon.security_policy. |
Default value is 90. |
Number of days before password expires. |
ume.logon.security_policy. |
Default value = 0. |
The UME can store the hash value of user passwords. Set this value to prevent users from reusing the same password after their old password expires. The system does not enter passwords set by the administrator in the password history. Although this value is for practical purposes freely configurable (you can set the value in the trillions), a more useful value might be 5. Use a value that is appropriate for your application.
Set this value to zero (0) if your data source already has a password history checking mechanism; unless you maintain users in the AS Java database for whom you want to maintain a password history.. |
ume.logon.security_policy. |
|
Enter a comma-separated list terms or character combination, which the UME rejects when users set their passwords. Use the asterisk (*) and question mark (?) as variables. Asterisk (*) stands for any sequence of characters, and questions mark (?) stands for a single character.
aaa* = The UME rejects all passwords that start with aaa. |
ume.logon.security_policy. |
A date in the format MM/DD/YYYY. Default value is 12/31/9999. |
If a user has never changed his or her password using the AS Java, this date counts as the last date on which the user changed his or her password. See
also:
ume.logon.security_policy. |
ume.logon.security_policy. |
Default value is 0. Possible Values: 0 to 2147483647. Value = 0: This check is deactivated. |
Number of days after the last successful logon with user ID and password that the UME locks the user’s password. With the
UME property ume.logon.security_policy. When a user’s password is locked, he or she can no longer log on with the password and must contact the system administrator to get a new password. Before SPS 7, the UME sets the last successful password check date when you create each user. From SPS 7 and later, the UME only records a user's last successful password check date if the password idle time check is enabled; that is, when maximum idle time is greater than zero. |
ume.logon.security_policy. |
Default value is 14. |
Maximum password
length. This must not be less than the cumulated values of the properties
password_mix_case_ |
ume.logon.security_policy. |
Default value is 1. |
Minimum password length. |
ume.logon.security_policy. |
Default value is 0. |
Minimum number of upper and lower case letters in passwords. For example if the property is set to 3, passwords must contain at least 3 lower case letters and at least 3 upper case letters. |
ume.logon.security_policy. |
Default value is 0. |
Minimum number of special characters in passwords. |
ume.logon.security_policy. |
A date in the format MM/DD/YYYY. Default value is 12/31/9999. |
Defines the default date for last successful logon with user ID and password, when a user has no successful logon with user ID and password recorded or the last logon took place before the default date. When you set
ume.logon. |
ume.logon.security_policy. |
Default value is 0. Value < 0: Digits are not allowed. Value = 0: Digits are allowed. Value > 0: Digits are required. |
Minimum number of digits in user logon ID. |
ume.logon.security_policy. |
Default value is FALSE. |
Defines whether user ID can be part of password. |
ume.logon.security_policy. |
|
Deprecated. |
ume.logon.security_policy. |
Default value is 0. Value < 0: Special characters are forbidden. Value = 0: Special characters are allowed. Value > 0: Special characters are required. |
Minimum number of special characters in user logon ID. |
ume.logon.security_policy. |
Default value is 20. |
Maximum length of user ID. This is automatically set to 12 if you have a combined AS Java and AS for ABAP installation. If you are using a database as data source for user data, this value must be less than or equal to 200. |
ume.logon.security_policy. |
Default value is 5. |
Minimum length of user ID. |