01-16-2009 10:39 AM
Hi all,
I would like to add the "RESET PASSWORD" functionality in the SAP Logon Screen (SapGui Access)
I have read in note 205487 that this is not possible, as SAP strongly recommends not changing the system program SAPMSYST.
Anybody has any suggestion of how to implement this functionality, to allow end users to reset their passwords?
Thanks in advance!
01-16-2009 11:23 AM
There have been some discussions here before about "password self-service" tools (which is what you will be looking for).
If you search for those terms, then you will find them.
Cheers,
Julius
01-29-2009 9:47 PM
That feature will be provided with the next SAP Identity Management solution version.
01-29-2009 11:06 PM
Thanks Wolfgang.
I have made 2 further development suggestions to Jutta and Frank as well.
1) Password vault for centrally managed generic UIDs.
2) Emergency Access which is centrally requested / released.
I am sure that both of them will interest you. Particularly the 2nd suggestion to only add the delta authority via the releaase (which on it's own is useless) would be more secure than current solutions.
Cheers,
Julius
01-30-2009 8:32 AM
Well, the task of an Identity Management (IdM) solution is to provide central services.
One of such services might be a "forgotten password" self-service.
It's the task of an IdM to handle heterogenous system landscapes (including user-mapping).
However, an IdM does not necessarily provide SSO functionality.
That is the task of an Identity Provider (IdP) / Domain Controler.
The IdM has to ensure that accounts exists and are supplied with proper attributes; that's a kind of "lifecycle management for user identities".
01-30-2009 8:35 AM
> 1) Password vault for centrally managed generic UIDs.
> 2) Emergency Access which is centrally requested / released.
That sounds more like the "GRC AC Superuser Privilege Management" (aka "Firefighter") solution, which is a different topic.