{"id":422,"date":"2018-02-19T08:00:43","date_gmt":"2018-02-19T07:00:43","guid":{"rendered":"http:\/\/akquinet-security-en.blog\/?p=422"},"modified":"2020-07-07T14:58:20","modified_gmt":"2020-07-07T12:58:20","slug":"you-cant-come-in-here","status":"publish","type":"post","link":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/","title":{"rendered":"You can\u2019t come in here\u2026"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-423 alignleft\" src=\"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\" alt=\"motiv_es_sast-uam_150dpi_1701.png\" width=\"299\" height=\"200\" srcset=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png 500w, https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164-300x200.png 300w\" sizes=\"auto, (max-width: 299px) 100vw, 299px\" \/><span style=\"color: #616262;\">Practical tip: How you can easily prevent your SAP users from being inadvertently locked out.<\/span><\/p>\n<p><span style=\"color: #616262;\">The parameter \u201cicf\/reject_expired_passwords\u201d is intended to prevent SAP users from being able to log in via \u201chttp\u201d with an expired password. So far so good\u2026<\/span><\/p>\n<p><!--more--><\/p>\n<p><span style=\"color: #616262;\">Unfortunately, SAP has changed the function of the parameter in different SAP releases.<\/span><\/p>\n<p><span style=\"color: #616262;\">Contrary to expectations, the parameter not only prevents logging in with an <span style=\"text-decoration: underline;\">expired<\/span> password, but also with the <span style=\"text-decoration: underline;\">initial<\/span> password when value = 1 in the current SAP 7.x systems! This means that users cannot change their passwords when logging in for the first time. This is particularly interesting in Web scenarios like SRM (Supplier Relationship Management).<\/span><\/p>\n<p><span style=\"color: #616262;\">SAP has now realized that this needs to be remedied and has provided a relevant patch: <em><a href=\"https:\/\/launchpad.support.sap.com\/#\/notes\/2503404\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/launchpad.support.sap.com\/#\/notes\/2503404<\/a><\/em><\/span><\/p>\n<p><span style=\"color: #616262;\">After applying the patch, you can change your password when you log in for the first time.<\/span><\/p>\n<h6><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-33\" src=\"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2017\/01\/ralfkempf_akquinet.jpg\" alt=\"ralfkempf_akquinet\" width=\"130\" height=\"91\" srcset=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2017\/01\/ralfkempf_akquinet.jpg 640w, https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2017\/01\/ralfkempf_akquinet-300x210.jpg 300w\" sizes=\"auto, (max-width: 130px) 100vw, 130px\" \/><br \/>\n<span style=\"color: #616262;\">Ralf Kempf<\/span><br \/>\n<span style=\"color: #616262;\">Technical Managing Director &#8220;SAST SOLUTIONS&#8221; at AKQUINET<\/span><\/h6>\n<p><span style=\"color: #616262;\">Are you looking forward to further tips and recommendations in the field of SAP Security &amp; Compliance? Then use the opportunity to exchange with us, for example, in one of our<\/span> <a href=\"https:\/\/sast-solutions.de\/en\/news\/events-webinars\/index.jsp\" target=\"_blank\" rel=\"noopener noreferrer\">webinars<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Practical tip: How you can easily prevent your SAP users from being inadvertently locked out.<br \/>\nThe parameter \u201cicf\/reject_expired_passwords\u201d is intended to prevent SAP users from being able to log in via \u201chttp\u201d with an expired password. So far so good\u2026<br \/>\nUnfortunately, SAP has changed the function of the parameter in different SAP releases.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[68,80],"class_list":["post-422","post","type-post","status-publish","format-standard","hentry","category-general","tag-sap-authorizations","tag-sap-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>You can\u2019t come in here\u2026<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"You can\u2019t come in here\u2026\" \/>\n<meta property=\"og:description\" content=\"Practical tip: How you can easily prevent your SAP users from being inadvertently locked out. The parameter \u201cicf\/reject_expired_passwords\u201d is intended to prevent SAP users from being able to log in via \u201chttp\u201d with an expired password. So far so good\u2026 Unfortunately, SAP has changed the function of the parameter in different SAP releases.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/\" \/>\n<meta property=\"og:site_name\" content=\"SAST BLOG\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-19T07:00:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-07-07T12:58:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\" \/>\n<meta name=\"author\" content=\"securityblog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"securityblog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/\"},\"author\":{\"name\":\"securityblog\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\"},\"headline\":\"You can\u2019t come in here\u2026\",\"datePublished\":\"2018-02-19T07:00:43+00:00\",\"dateModified\":\"2020-07-07T12:58:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/\"},\"wordCount\":197,\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\",\"keywords\":[\"SAP Authorizations\",\"SAP Security\"],\"articleSection\":[\"General\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/\",\"name\":\"You can\u2019t come in here\u2026\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\",\"datePublished\":\"2018-02-19T07:00:43+00:00\",\"dateModified\":\"2020-07-07T12:58:20+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#primaryimage\",\"url\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\",\"contentUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2018\\\/02\\\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2018\\\/02\\\/19\\\/you-cant-come-in-here\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"You can\u2019t come in here\u2026\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"name\":\"SAST BLOG\",\"description\":\"SAP Security &amp; Compliance\",\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\",\"name\":\"SAST BLOG\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"contentUrl\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"width\":358,\"height\":155,\"caption\":\"SAST BLOG\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\",\"name\":\"securityblog\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"You can\u2019t come in here\u2026","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/","og_locale":"en_US","og_type":"article","og_title":"You can\u2019t come in here\u2026","og_description":"Practical tip: How you can easily prevent your SAP users from being inadvertently locked out. The parameter \u201cicf\/reject_expired_passwords\u201d is intended to prevent SAP users from being able to log in via \u201chttp\u201d with an expired password. So far so good\u2026 Unfortunately, SAP has changed the function of the parameter in different SAP releases.","og_url":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/","og_site_name":"SAST BLOG","article_published_time":"2018-02-19T07:00:43+00:00","article_modified_time":"2020-07-07T12:58:20+00:00","og_image":[{"url":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","type":"","width":"","height":""}],"author":"securityblog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"securityblog","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#article","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/"},"author":{"name":"securityblog","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26"},"headline":"You can\u2019t come in here\u2026","datePublished":"2018-02-19T07:00:43+00:00","dateModified":"2020-07-07T12:58:20+00:00","mainEntityOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/"},"wordCount":197,"publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","keywords":["SAP Authorizations","SAP Security"],"articleSection":["General"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/","url":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/","name":"You can\u2019t come in here\u2026","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#primaryimage"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","datePublished":"2018-02-19T07:00:43+00:00","dateModified":"2020-07-07T12:58:20+00:00","breadcrumb":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#primaryimage","url":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png","contentUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/02\/motiv_es_sast-uam_150dpi_1701-e1518632763164.png"},{"@type":"BreadcrumbList","@id":"https:\/\/sast-solutions.com\/blog-en\/2018\/02\/19\/you-cant-come-in-here\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sast-solutions.com\/blog-en\/"},{"@type":"ListItem","position":2,"name":"You can\u2019t come in here\u2026"}]},{"@type":"WebSite","@id":"https:\/\/sast-solutions.com\/blog-en\/#website","url":"https:\/\/sast-solutions.com\/blog-en\/","name":"SAST BLOG","description":"SAP Security &amp; Compliance","publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sast-solutions.com\/blog-en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sast-solutions.com\/blog-en\/#organization","name":"SAST BLOG","url":"https:\/\/sast-solutions.com\/blog-en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/","url":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","contentUrl":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","width":358,"height":155,"caption":"SAST BLOG"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26","name":"securityblog"}]}},"_links":{"self":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/422","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/comments?post=422"}],"version-history":[{"count":2,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/422\/revisions"}],"predecessor-version":[{"id":1288,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/422\/revisions\/1288"}],"wp:attachment":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/media?parent=422"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/categories?post=422"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/tags?post=422"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}