05-18-2007 8:07 AM
Hi,
I have used ECC 6.0 system(BASIS 7.0) and I want to manage account automaticlly.So, I want to decrease managment effort for account managers.For example, When a user forgets her/his password, he/she will be able get her/his own via email.Is there any appropriate method or technology for this situation
05-18-2007 11:09 AM
Quite a few Identity Management Vendors offer password self-service facility. I <i>think </i> the GRC Access Control offers this too, but you will have to check that.
If you want to create a solution yourself, there are a whole load of FM's & BAPI's that you could use to facilitate this. You can find info here:
05-20-2007 8:15 PM
Well, the risk of such a self-service is that anyone might be able to reset the password of other users - and the fact that passwords will be transmitted over an insecure channel.
However, some implementations of such a password forgotten self-service are quite smart: the system only generates a 'password reset token' which will be send to the mail address (stored in the user master record); that token is only valid for a short time and need to be entered on the webpage where the user has requested the self-service; if the token is valid, the user can set a new password.
I've seen that on a <a href="https://www.heise.de/userdb/register?dirid=1&skin=default&rm=show_forgotpassword">German internet forum registration page</a>.