cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reading Passwords from CUA or an ABAP client to IC

Former Member

on ‎09-08-2011 3:25 PM

0 Kudos

Hi,

We are trying to read productive passwords from our ABAP client to IdM, the reason we have to go this route since we do have a 3rd party tool which will reset passwords in ABAP when they are changed in AD. I've created a job to read users along with password from ABAP client, when I run the job I'm getting a NULL value to IdM

Thanks,

Joe.P

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member2987
Active Contributor
‎09-08-2011 5:33 PM
0 Kudos

Joe,

I'm not a CUA expert, but I will tell you from my past experience at these types of endeavors, that it won't work.

The password is usually saved as a non-recoverable hash so it can not be decrypted or reverse engineered.

Usually the best practice is to start setting productive passwords each time you reset the primary account password. This will you can capture it and save it to multiple systems.

Matt

Show replies
Show replies
Former Member
‎09-09-2011 3:55 PM
0 Kudos

Matt,

Thanks for responding to my post, so what you are saying is SAP IdM won't be able to read passwords that are provisionined on a SAP ABAP system. I thought SAP IdM should be able to read and decrypt productive passwords on other SAP systems.

Thanks,

Joe.P

Former Member
‎09-17-2011 10:17 AM
0 Kudos

Hey Joe,

there would be no other tool, having the capability do decrypt productive passwords of ABAP system.

Kind regards,

Achim

former_member2987
Active Contributor
‎09-19-2011 8:48 PM
0 Kudos

Joe,

Achim is correct. Essentially the only time that a password is truly accessible is when it is set by the user. If you are setting the password from IDM to other systems, you could record it in a encrypted format, which could be deciphered. Otherwise, the answer is no.

Matt

Former Member
‎09-21-2011 8:45 PM
0 Kudos

Thanks every one responding to my question.

Thanks,

Joe.P

Edited by: Joe Padidham on Sep 21, 2011 9:46 PM

Ask a Question