cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ABAP Password reset in one particular repository

Go to solution
Former Member

on ‎09-13-2012 3:02 PM

0 Kudos

Hi all,

i wan´t to create a password reset task in SAP IdM where the User Adminstrator can select a repository in the UI. The password should only be resettet in that choosen repository. Can someone help me or tell me where i can find infromation about this.

Regards Daniel

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎09-13-2012 5:14 PM
0 Kudos

Hi Dan,

Sounds like you just need a custom attribute to choose the repository (see attributes - tab Values).  Then a task that will send the password field to the repository.  Doesn't sound like it will be that difficult, let me know if you run into any problems.

Regards,

Chris

Show replies
Show replies
Former Member
‎09-14-2012 8:27 AM
0 Kudos

Hi Chris,

thank you for you anser but i do not understand what you mean. Where do i have to define the custom attribute in the identity store shema? And after that how can i setup a taks that it will use the information from the custom attribute in the ui to set up the connection to that choosen repository?

I´m new to IdM and just started to set it up.

Regards,

Daniel

Former Member
‎09-15-2012 4:07 AM
0 Kudos

Hi Daniel,

If you're working on IDM 7.2, you can follow the below steps:

1. Create a custom attribute in Identity Store schema. Go to Identity Center-->Identity Store-->Identity Store Schema-->New Attribute.You can restrcit the 'Values' of this attribute to the name of the repository in your landscape.

          OR

You can allow your user administrators to select ACCOUNTREPID attribute of the user, where the password has to be reset. ACCOUNTREPID attribute is used by IDM to show that user's account exists in repository - REPID.

2. Create another custom attribute if you would like the user administrator to manually enter new password. Mark this attribute as 'Encrypted'  to ensure security. If you have a script that generates a random password and sends it to the user, you can skip this step.

3.Create 'Password Reset for a Repository' Ordered Group UI task. This task will accept, Repository Custom Attribute, New Password Custom Attribute (Optional) and MskeyValue of the user as the input.

4. Create another Generic task under 'Password Reset for a Repository' task. This new task will call a new custom script example : 'zsap_core_resetpassword(Repository,Password,mskeyvalue)'.

5. In the new custom script ,you can use uProvision function  to start password reset provisioning task defined on the Repository . Please go through help file to know more about this internal function- uProvision.

PS: 

(i )If you use standard password attribute like MX_PASSWORD or MX_ENCRYPTED_PASSWORD, the password will get provisioned to all repositories where the user account was created. Either disable password provisioning for standard password attrribute or create a custom password attribute.

(ii) Perform validation before resetting the password, validation like user's acount should exist in the selected repository

Thanks,

Anuj

Answers (1)

Answers (1)

renefeisterSAP
Advisor
Advisor
‎09-26-2012 10:22 AM
0 Kudos

Hi Daniel,

please also check the IDM RDS (rapid deployment solution) which contains your requested functionality and much more.

https://service.sap.com/rds-idm

Best regards,

René Feister

Show replies
Show replies
Ask a Question