cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Self service password reset not working after upgrade to SAP PF2

Go to solution
youssef_anegay3
Explorer

on ‎03-10-2015 11:05 PM

0 Kudos

Hello

i have upgraded to the SAP provisionning framework2. Since then, everything seems to be working fine apart from the self service password reset. The password in the UME is reset, but not in the ABAP backend. I have applied SAP note 2010298 but with no success.

This was working fine before the upgrade

I have SAP IdM 7.2 SP09

any ideas ??

Y.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

youssef_anegay3
Explorer
‎03-11-2015 1:05 PM
0 Kudos

OK problem solved. I had to check the option "Enable Password Provisionning" in the Identity store ... this is strange as this option was not checked with the first version of SAP Provisionning Framework.

Thanks for your help !

Show replies
Show replies

Answers (4)

Answers (4)

youssef_anegay3
Explorer
‎03-11-2015 9:34 AM
0 Kudos

I have run the trace... This is very strange. I do not know whether the SQL request is wrong .. but apparently when the "Check password update" SQL request (select COUNT(VarName) from mxpv_audit_variables where AuditID=%AUDITID% and VarValue='%MSKEY%' and VarName='MARK_EXEC_PASSWORD_SET%MSKEY%') is run there is no entry in the database and nothing is triggered and therefore no password reset is done:

Show replies
Show replies
Former Member
‎03-11-2015 8:48 AM
0 Kudos

Hi Youssef,

As well check your SYSTEM privileges, if the MX_ENCRYPTED_PASSWORD is listed into the Modify triggers list in the Tasks-tab.

BR,

Simona

Show replies
Show replies
youssef_anegay3
Explorer
‎03-11-2015 8:57 AM
0 Kudos

Hello Simona,

The MX_ENCRYPTED_PASSWORD is listed in the modify triggers list in the tasks tab of my SYSTEM priviledge :

As i said, this was working perfectly before the upgrade to SAP Provisionning Framework 2. This is very strange. I have checked the jobs, and the "ChangePasswordOfABAPUser" is never triggered ... for some reason

terovirta
Active Contributor
‎03-11-2015 7:18 AM
0 Kudos

Hello,

what value does the mx_password_disabled-attribute have for your users? Check also the ABAP-repositories that the MX_HOOK8_TASK is set.

regards, Tero

Show replies
Show replies
youssef_anegay3
Explorer
‎03-11-2015 8:22 AM
0 Kudos

Hello Tero

The MX_HOOK8_TASK is set:

What do you mean by "what value does the mx_password_disabled-attribute have for your users?" ... you mean if the task is activated in the master priviledge ?

former_member2987
Active Contributor
‎03-10-2015 11:40 PM
0 Kudos

Hi Youssef,

There's a few things that I can think of:

1. I'm assuming that all dispatchers are up and running... Are the set to the new jobs?  Are the enabled?

2. Have you enabled the trace to see what tasks are firing and what ones are not?

3. Check to make sure that if you have tasks that are linked, make sure that you're referencing the right tasks.

Matt

Show replies
Show replies
youssef_anegay3
Explorer
‎03-11-2015 8:16 AM
0 Kudos

Hello Matt,

1- the dispatchers are indeed running. The jobs are enabled. I guess the dispatcher is set to the new jobs as the password in the UME of the java instance linked to IdM get reset.

2- I have not set the trace. But there is something weird when i reset the password as i get this:

3- I think the right tasks are referenced as the password gets updated in the Java instance of IdM

Ask a Question