Hi,
We configured Active Directory server (2008 R2) as UME for SAP Portal (Netweaver 7.01 SP7). We matched as many of the security parameters as possible* (ex. minimum password length, require one number in password, etc.). The AD parameter "User must change password at Next logon" is set ON. However, upon attempt to login to SAP Portal with the initial password that was set in AD we are not prompted to change the password. Rather, the SAP Portal logon attempt fails with message: "Authentication Denied"
Has anyone dealt with this problem before?
Other information:
*Our MarketPlace researched indicated that the SAP Portal parameter "ume.ldap.security_policy.password_change_required" (which would correspond to the AD parameter mentioned above) is no longer an available parameter for our SAP Portal version (Netweaver 7.01 SP7).
In our version of SAP Portal, the AD parameter "User must change password at Next logon" has one parameter which is similar, but does not directly correspond. The SAP Portal parameter which we do have is "No password change required". Notice this is the logical opposite of the AD parameter: AD says to require the password, whereas SAP Portal says it's NOT required. Therefore, when the AD parameter is set to ON, this results in the Portal parameter being set to OFF. Even still, we face the login failure.