Thursday, 22 February 2018

One password for Five Applications in CSI Environment - Issues and Suggestions

One password for Five Applications in CSI Environment - Issues and Suggestions

On CSI Environment, One password is being used for the following five applications 
  1. IM Portal – Identity Management Portal. 
  2. HR Management – Human Resource (Leave Management). 
  3. SAP Software – Systems Application and Product. 
  4. DOP Service Desk. 
  5. POS Back Office and POS Counter – After Sync from Server. 
By the above concept, once we forgot password or locked by entering wrong password repeatedly in one application it will be reflected in all other application immediately (POS may take some time for getting locked due to sync concept).

Password Management is improper on CSI environment. The following suggestion may please be implemented for better password management.

IM Portal :Identity Management Password may be the Master password for all the officials. They can change the password of all other application from here itself and
  • Common password may be preferred for all other Online & Offline Applications viz., HR Management, SAP Software, DOP Help Desk and POS. This password should not similar with Master Password of IM Portal.
  • At present, the password is getting locked if we entered wrong password more than four times in any one of the said applications. This criteria may be set for only three online application such as HR, SAP and DOP Help Desk.
  • It is requested to remove the password criteria i.e user id getting locked by entering wrong password may be removed in POS and set one way sync user details for POS application i.e  receipt of change of password from central server. 
The below analysis based on issues faced in working environment. All SAs are requested to leave your comments under the comment box for further improvements.

Scenario 1:
My SAP Password getting locked by repeats wrong password attemps...

The above cases, password automatically getting locked in all other application because SAP is directly access the production server. Once user ID getting locked in SAP, it will immediately reflected in all other online application except POS. Once the user details is received form server through Daily Sync, the user details available in POS is also getting locked until that we may use old password.

Scenario 2:
My User Id getting locked in POS then what will happen in all other application

Once, my POS password getting locked other online application will work normally until High sync transmit the data of user details such as locked flag transmitting to central server. Once transmitted, all other online application is also getting locked. So The maximum number of attempts in password criteria may be removed in POS Application to avoid further issue.

Scenario 3:

User Password in SAP getting locked but POS is working normally due to sync issue. I reset my password in IM Portal and started working all other online application. Unfortunately, i tried new password in POS  more than four times and now the user details getting locked in offline POS. Now what will happened if sync is working.

The High Sync is transmitting files which also contains the user detail (flag may be set for the User ID as locked) to Central server and the user locked status was updated in the server. Now the  user password getting locked in all online and offline modules.

Hence, the removing of maximum attempts in POS Application is only the solution to avoid above circumstances and Set Master password for IM Portal.

Articles written by Admin, PoTools


Post a Comment