on 03-19-2015 6:46 AM
Hello Experts,
We are trying to implement a solution where password reset should also unlock users locked due to incorrect attempts in SAP. Is there a way in IDM to identify the lock type of a user
Best Regards,
Mohammed
ABAP or Java? Have you run an initial load? If so, take a look for example what values does the isLocked column have in the sap[rep_name]user-table for ABAP-system or take a look at the values in ABAP-system directly.
You can unlock the user as follows for ABAP-system (sorry don't have AS Java screen shots in this laptop).
regards, Tero
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mohammed,
Here is my solution, it works, but you will have to add additional task and script to check the status(as well, it will take longer).
Solution:
In your order task group 8. Set ABAP User password(SAP connectors) add additional task(as first task), that will read from SAP(read the islocked - flag(for user lock) and iswronglogon - flag(for password lock) from SAP) and store the data in some temporary table(sap_locked_temp_table....), as well when you are reading the data from SAP you can add a script to check the result and in case of SAP lock - islocked=L, to skip the next task(skip the password change for this system). Keep in mind that you will have to do this check for each system, so in your temporary table you have to keep not only the userid, but and the system in which the user is locked.
But if you want to unlock the password, without unlocking the user, it's not possible, as the flag iswronglogon doesn't work with ToSAP pass, you can only read it.
My solution works in case you want to unlock the password only if the user is unlocked.
BR,
Simona
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.