Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP Logon Screen - RESET PASSWORD

former_member267760
Explorer

‎01-16-2009 10:39 AM

0 Kudos

Hi all,

I would like to add the "RESET PASSWORD" functionality in the SAP Logon Screen (SapGui Access)

I have read in note 205487 that this is not possible, as SAP strongly recommends not changing the system program SAPMSYST.

Anybody has any suggestion of how to implement this functionality, to allow end users to reset their passwords?

Thanks in advance!

5 REPLIES 5

Former Member

‎01-16-2009 11:23 AM

0 Kudos

There have been some discussions here before about "password self-service" tools (which is what you will be looking for).

If you search for those terms, then you will find them.

Cheers,

Julius

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎01-29-2009 9:47 PM

0 Kudos

That feature will be provided with the next SAP Identity Management solution version.

Former Member
In response to Former Member

‎01-29-2009 11:06 PM

0 Kudos

Thanks Wolfgang.

I have made 2 further development suggestions to Jutta and Frank as well.

1) Password vault for centrally managed generic UIDs.

2) Emergency Access which is centrally requested / released.

I am sure that both of them will interest you. Particularly the 2nd suggestion to only add the delta authority via the releaase (which on it's own is useless) would be more secure than current solutions.

Cheers,

Julius

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎01-30-2009 8:32 AM

0 Kudos

Well, the task of an Identity Management (IdM) solution is to provide central services.

One of such services might be a "forgotten password" self-service.

It's the task of an IdM to handle heterogenous system landscapes (including user-mapping).

However, an IdM does not necessarily provide SSO functionality.

That is the task of an Identity Provider (IdP) / Domain Controler.

The IdM has to ensure that accounts exists and are supplied with proper attributes; that's a kind of "lifecycle management for user identities".

WolfgangJanzen
Product and Topic Expert
Product and Topic Expert
In response to Former Member

‎01-30-2009 8:35 AM

0 Kudos

> 1) Password vault for centrally managed generic UIDs.

> 2) Emergency Access which is centrally requested / released.

That sounds more like the "GRC AC Superuser Privilege Management" (aka "Firefighter") solution, which is a different topic.