Search This Blog

Tuesday, March 15, 2011

SAP Note 161146 - RFC logon with the initial password



Validity: valid since 19.03.2008


Symptom

The RFC logon with the initial password is completed successfully.


Other terms
RFC, logon, log on, security, trusted, trusting, sapgui, password


Reason and Prerequisites
The RFC logon behavior differs from the SAPGUI logon behavior.
  This affects trusted-trusting connections in particular.


If you use an RFC logon, the system cannot display a change password dialog box. This is possible if you use SAPGUI logon (see Notes 441452 and 869218). A dialog box can only be processed if the relevant infrastructure is available. However, this is not the case when you use RFC communication between two ABAP systems.

Effects:

    1. Therefore, you can logon several times with an initial password and RFC without having to assign a new password.
    2. For trusted/trusting, the password is automatically deactivated depending on the parameter login/password_change_for_SSO (value 3) The RFC cannot display a password change using the dialog box (values 1 and 2) that may be required.

As of Release 46C, you can prevent the RFC logon with an expired or initial password by setting the profile parameter rfc/reject_expired_passwd (that is, rfc/reject_expired_passwd = 1).
  After you added the profile parameter, you must restart the server.



Solution

Password changes must be made manually using SAPGUI.

No comments:

Post a Comment