Existing Passwords May not Work in an SAP Namespace

When you log on using an SAP namespace, some previously functional passwords may no longer work.

The following error message may appear:

Unable to authenticate a user. Please contact your security administrator. Please type your credentials for authentication.

This is because of a policy change in SAP software. In previous versions of SAP software, passwords were not case sensitive. All password characters were automatically converted to uppercase. In SAP RFC 6.40, password characters are not automatically converted to uppercase and so passwords are case sensitive.

To address the password policy change, the SAP BAPI interface introduced a new configuration parameter named bapiPasswordConv. Using this parameter, you can enable or disable the functionality that automatically converts all password characters to uppercase. To ensure that all previously created passwords can still provide successful logon, set the value of the bapiPasswordConv parameter to true.

Procedure

  1. Open the file bapiint_config.xml.

    This file is located in the install_location\configuration directory.

  2. Change the value of the bapiPasswordConv parameter to true, as shown in the following fragment of code: 
    <bapiAbapDebug value="false"/> 
	<bapiTransCall value="false"/> 
	<bapiCharConv value="true"/> 
	<bapiCmdRecording value="false"/> 
	<bapiCacheReset value="false"/> 
	<bapiCallLocks value="false"/> 
	<bapiSupportCancel value="true"/> 
	<bapiMaxSuspendTime value="200"/> 
	<bapiPasswordConv value="true"/>
  3. Save the file.
  4. Restart the IBM® Cognos® service.

Results

For more information, see the following SAP Notes:
  • 792850 - Preparing ABAP systems to deal with incompatible passwords
  • 862989 - New password rules as of Web AS ABAP 7.0/NetWeaver 2004