08-05-2007 11:39 AM
Hello,
I have seen a few posts with regards to users resetting their own passwords on this forum. I wanted to find out however if anyone is aware of any documentation on this topic, i.e. what to configure etc.
I am aware that this is possible but not quite sure how to implement this.
Any help in this regard would be greatly appreciated.
Regards
Vedette
08-06-2007 8:39 AM
Hi Vedette
There are a few self service solutions out there by Vendors and a good number of custom developments implemented by customers to allow password reset self service.
The main hurdle to overcome is adequate authentication for the reset, i.e. proving that the user is who they say they are. Without this considered then the system can be wide open to abuse.
Probably the slickest one I have seen at a client was a portal page that was accessed by a users network credentials. User navigated to the password reset page and entered a passphrase that they registered previously.
Once they have authenticated successfully, an rfc connection was created that ran BAPI_USER_UNLOCK and BAPI_USER_CHANGE (I think - was a while ago) and returned the password to the users screen.
08-07-2007 8:00 AM
Vedette,
If you are referring to the Java stack this is documented here:
http://help.sap.com/saphelp_nw04s/helpdata/en/45/7e6313d8780dece10000000a11466f/frameset.htm
-Michael