Parameter
login/password_change_for_SSO
Short text
Mandatory password change when using Single Sign-On (SSO)
Parameter Description
With password-based logon, the system checks whether the user’s password needs to be changed (for example, because the password is initial or has expired).
If non-password-based logon variants are used (SSO: SNC, X.509, PAS, logon ticket), no check is currently made to see whether the user has a password needing to be changed. This parameter can be used to define the required system behavior (see the explanations of the values below).
Application Area
Logon
Default Value
1 (dialog box)
Who is permitted to make changes?
Customer
Operating System Restrictions
None
Database System Restrictions
None
Are other parameters affected or dependent?
• login/disable_password_logon
• login/password_expiration_time
• login/password_change_waittime
• login/password_max_idle_initial
• login/password_max_idle_productive
• login/password_compliance_to_current_policy
Values allowed
0 = Requirement to change password is ignored (downward compatible)
1 = Dialog box with options 2 and 3 (user decides (default))
2 = Password change dialog only (old and new passwords entered)
3 = Password deactivated (automatically, no dialog box)
