Highlighted
Anonymous_User Absent Member.
Absent Member.
590 views

SAP Netweaver change user password


Hi, everyone,

We currently have a curious issue to figure out.
Has anyone experienced syncing IDM to SAP Netweaver 7.1 ?
It is actually working fine via Subscribe channel.
Now we have issue about changing password. If we change password from
IDM account, the Password is sync to SAP Netweaver user account.
But SAP user has to use this new password as a initial password, and
need to reset again....
Is there any idea how to avoid this situation?
Thanks a lot.


--
miller_chen
------------------------------------------------------------------------
miller_chen's Profile: https://forums.netiq.com/member.php?userid=4567
View this thread: https://forums.netiq.com/showthread.php?t=49600

Labels (1)
0 Likes
1 Reply
Knowledge Partner
Knowledge Partner

Re: SAP Netweaver change user password

On 1/2/2014 7:16 AM, miller chen wrote:
>
> Hi, everyone,
>
> We currently have a curious issue to figure out.
> Has anyone experienced syncing IDM to SAP Netweaver 7.1 ?
> It is actually working fine via Subscribe channel.
> Now we have issue about changing password. If we change password from
> IDM account, the Password is sync to SAP Netweaver user account.
> But SAP user has to use this new password as a initial password, and
> need to reset again....
> Is there any idea how to avoid this situation?


You are in the wrong forum.

There is an Engine-Drivers forum.

If you look at the policies, you should have something in the Output
transform that sees a password change (modify of
nspmDistributionPassword) and changes the attributes in the event.

My Packaged version from 4.02 has a policy object called
NOVLPORTB-otp-passwordChange and a rule called Do a set password in
neccasary (using entitlements).

Anyway, it generates a random password. Sets that value into the
attribute sapoldpassword.

Then it changes the nspmDistributionPassword value to be in the
sapnewpassword attribute instead.

Thus you get an event doc sent into SAP Portal shim, with sapnewpassword
and sapoldpassword.

The shim is coded to know to handle those as set it to the
sapoldpassword, which is an intial password now, and then send in a
second event which is a change password from sapoldpassword to
sapnewpassword.

Makes sense?

Second option is to explain to the SAP guys that they need to change the
security policy to stop making admin changes initial passwords.





0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.