cancel
Showing results for 
Search instead for 
Did you mean: 

user unlock using self service and early detection of user id expiration

Former Member
0 Kudos

Hi Experts,

I have couple of questions

a) Can End user be able to unlock his user id which was locked due to wrong password through self service in SAP IDM. If so can you please give some details about some documents which explain this, it will be great help.

b) Can SAP IDM store information like employees dependent information and assent information, employees vehicle number etc. Is it possible to store these information in SAP HR and can be taken to SAP IDM

c) Will SAP IDM able to detect if password or user id is about to expire and if so can SAP IDM email this information to the employee and HR. If this is possible how we can achieve this in SAP IDM

Thank you in advance for your answers.

Accepted Solutions (1)

Accepted Solutions (1)

former_member198313
Contributor
0 Kudos

a) Can End user be able to unlock his user id which was locked due to wrong password through self service in SAP IDM. If so can you please give some details about some documents which explain this, it will be great help.

yes its possible. Pls refer these links.

https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/00d69428-cc00-2c10-9ca5-b4f607bb... (Guide - Self-service password reset)

https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e04a0800-1cdf-2b10-218a-94ba2cfe...

b) Can SAP IDM store information like employees dependent information and assent information, employees vehicle number etc. Is it possible to store these information in SAP HR and can be taken to SAP IDM

Yes. This is possible to store these kind of information in IDM. Just have to add fields in IDM repository.

However not sure abt HR.

+ An

*This is NOT SAP official message

Former Member
0 Kudos

Hi Ankur

Thank you very much for the reply

>yes its possible. Pls refer these links.

I suppose you might have confused my question with password reset. My question is if the sap user id is locked due to wrong password, how you we can unlock the user id from SAP IDM 7.0 with out contacting the

helpdesk. Do you have any specific documents for unlocking the user id ( Not talking about about password reset. Because before reseting the password we need to unlock the user and only then we will be able to reset the password again)

Answers (1)

Answers (1)

Former Member
0 Kudos

c) Will SAP IDM able to detect if password or user id is about to expire and if so can SAP IDM email this information to the employee and HR. If this is possible how we can achieve this in SAP IDM

There's a few ways to do this, but NW IDM includes password age functionality including a reminder.

To examine these settings, select the main Identity Store node and then select the "Password Policy" tab.

Former Member
0 Kudos

Hi Matthew

Thank you very much for your reply.

>password age functionality including a reminder.

Does this means that once the password age reaches, SAP IDM will send an email to the user with a standard text which we can provide? Is there any reference to this feature in any of the SAP IDM documents.

Thank you very much once again.

Former Member
0 Kudos

You know I'm not sure on this one. I've never used the functionality and the help is a little sparse. Matt Kangas?

Former Member
0 Kudos

Hi Matthew

What is your opinion about unlocking the user due to wrong password in SAP IDM 7.0. Is that possible. I mean my 2 reply to Ankur has the question more clearly.

>Matt Kangas?

Waiting for Matt.

Former Member
0 Kudos

Sahad,

What is your opinion about unlocking the user due to wrong password in SAP IDM 7.0. Is that possible. I mean my 2 reply to Ankur has the question more clearly.

This is not a problem. NW IDM includes plenty of functionality for recovering/resetting passwords. You'll need to define a workflow and then set that workflow in the Idenitity Store settings and Password tab.

Check the bundled documentation for more information. As I recall, the Kisok document will probably be the most helpful.

Matt

Former Member
0 Kudos

Hi Matthew

Thank you for the answer

I am not talking about reseting the password

My question is if the sap user id is locked due to wrong password, how the enduser can unlock the user id from SAP IDM 7.0 with out contacting the helpdesk. It is like if the user id is unlocked, then the user should be able to login with correct password and user do not want to reset the password.

Any tips on this ?

Former Member
0 Kudos

Sahad,

I'm not an expert in this particular use case, but I'd imagine there's a BAPI or other mechanism for doing this.

Matt

Former Member
0 Kudos

Hi,

Just saw my name called out in this thread...I've been a little behind on reading these lately ;-)...

Let me check around on this...I will make a follow-up post soon.

Best Regardes,

Matt

Former Member
0 Kudos

Hi Sahad,

You can create a customized task as a self service. this task attributes will have repository attribute (which lists ABAP, Java & other systems) and password attributes.

you can assign the existing assign/change password (SAP Provided) to the above task.

end user will get this task with repository list and password attributes.

select the repository change password.

This is PURELY Customizable, not from standard

regards

Anand.M

Former Member
0 Kudos

Hi Sahad,

You can create a customized task as a self service. this task attributes will have repository attribute (which lists ABAP, Java & other systems) and password attributes.

you can assign the existing assign/change password (SAP Provided) to the above task.

end user will get this task with repository list and password attributes.

select the repository change password.

This is PURELY Customizable, not from standard

regards

Anand.M

Former Member
0 Kudos

Hi Sahad,

I also briefly discussed this with my colleagues. It is as Anand says. The lock attribute can be set by a task. You can either make this a standalone self-service task, as in Anand's example, or make it part of the password reset in the task itself or as another part of an Ordered Task Group.

Best Regards,

Matt