on 09-13-2012 3:02 PM
Hi all,
i wan´t to create a password reset task in SAP IdM where the User Adminstrator can select a repository in the UI. The password should only be resettet in that choosen repository. Can someone help me or tell me where i can find infromation about this.
Regards Daniel
Hi Dan,
Sounds like you just need a custom attribute to choose the repository (see attributes - tab Values). Then a task that will send the password field to the repository. Doesn't sound like it will be that difficult, let me know if you run into any problems.
Regards,
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Chris,
thank you for you anser but i do not understand what you mean. Where do i have to define the custom attribute in the identity store shema? And after that how can i setup a taks that it will use the information from the custom attribute in the ui to set up the connection to that choosen repository?
I´m new to IdM and just started to set it up.
Regards,
Daniel
Hi Daniel,
If you're working on IDM 7.2, you can follow the below steps:
1. Create a custom attribute in Identity Store schema. Go to Identity Center-->Identity Store-->Identity Store Schema-->New Attribute.You can restrcit the 'Values' of this attribute to the name of the repository in your landscape.
OR
You can allow your user administrators to select ACCOUNTREPID attribute of the user, where the password has to be reset. ACCOUNTREPID attribute is used by IDM to show that user's account exists in repository - REPID.
2. Create another custom attribute if you would like the user administrator to manually enter new password. Mark this attribute as 'Encrypted' to ensure security. If you have a script that generates a random password and sends it to the user, you can skip this step.
3.Create 'Password Reset for a Repository' Ordered Group UI task. This task will accept, Repository Custom Attribute, New Password Custom Attribute (Optional) and MskeyValue of the user as the input.
4. Create another Generic task under 'Password Reset for a Repository' task. This new task will call a new custom script example : 'zsap_core_resetpassword(Repository,Password,mskeyvalue)'.
5. In the new custom script ,you can use uProvision function to start password reset provisioning task defined on the Repository . Please go through help file to know more about this internal function- uProvision.
PS:
(i )If you use standard password attribute like MX_PASSWORD or MX_ENCRYPTED_PASSWORD, the password will get provisioned to all repositories where the user account was created. Either disable password provisioning for standard password attrribute or create a custom password attribute.
(ii) Perform validation before resetting the password, validation like user's acount should exist in the selected repository
Thanks,
Anuj
Hi Daniel,
please also check the IDM RDS (rapid deployment solution) which contains your requested functionality and much more.
https://service.sap.com/rds-idm
Best regards,
René Feister
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
98 | |
11 | |
11 | |
10 | |
10 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.