I'm considering writing a blog on the subject of executing BAPI_USER_CREATE (and others) in remote target systems, however, I've decided to give all you security admins a heads-up first... I may even cancel my evil intentions if bribed sufficiently. How about it?
😉
Trond