Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to automate password reset for SAP users.

Go to solution
Former Member

‎10-01-2007 9:16 AM

0 Kudos

Hi Experts,

In my company SAP environment, there are around 250 users.

Every day i will few complaints about unlock user ID.

I request you to advice me in creating certain solution for unlock and password reset management.

like...

if user ID was locked by incorrect logins, the user ID should be unlocked with in some time automatically, and acknowledge has to be sent to user and the BASIS admins.

please give your valuable inputs for this scenario.

thanking you in all,

Best regards,

raghav

1 ACCEPTED SOLUTION

Go to solution
Former Member

‎10-01-2007 10:58 AM

0 Kudos

Hi

Do the following steps in your SAP NetWeaver Application Server (AS) :

1. Start user management configuration.

2. Choose the Security Policy tab.

3. Choose Modify Configuration.

4. Here Enter data as required :

<u><b>Auto Unlock Time (Minutes)</b> 😆 </u> Enter the number of minutes after which the system automatically unlocks a user account, after the user was locked due to failed log on attempts.

Enter 0 to deactivate this option. The user remains locked until unlocked by an administrator

3 REPLIES 3

Go to solution
Former Member

‎10-01-2007 10:58 AM

0 Kudos

Hi

Do the following steps in your SAP NetWeaver Application Server (AS) :

1. Start user management configuration.

2. Choose the Security Policy tab.

3. Choose Modify Configuration.

4. Here Enter data as required :

<u><b>Auto Unlock Time (Minutes)</b> 😆 </u> Enter the number of minutes after which the system automatically unlocks a user account, after the user was locked due to failed log on attempts.

Enter 0 to deactivate this option. The user remains locked until unlocked by an administrator

Go to solution
former_member185864
Active Participant

‎10-01-2007 11:55 AM

0 Kudos

Hi Raghav,

1. goto D:\usr\sap\<Inst-ID>\JCxx\j2ee\configtool -->configtoo.bat

ex: D:\usr\sap\J3E\JC01\j2ee\configtool -->configtoo.bat

2.Goto cluster-data --> Global server configuration --> services --> com.sap.security.core.ume.service

3. Set values for below properties.

<b>a)</b> ume.logon.security_policy.lock_after_invalid_attempts = < Enter some Num: 3>

Note: this property belongs to number of invalid attemps

<b>b)</b>ume.logon.security_policy.auto_unlock_time = < Enter time in minites : 5>

Note: this preperty belongs to Auto Unlock.

<b>c)</b> for mail notification, you have set mail setting in configtool.

4. Save & Restrat Engine.

It is helpfull, Give points.

Regards,

Nagaraju

Go to solution
Former Member

‎10-01-2007 12:16 PM

0 Kudos

Hi Raghav,

This isn't something that I would recommend doing for various reasons but can understand why you would want to do something like this.

Obviously you don't want to compromise your system settings and automatically unlock <i>everyone</i> at midnight, so, I would have though something following this sort of logic would work.

Schedule job to run periodically that would run your custom program e.g.

Z_UNLOCK_MUPPET_USERS

That program would check table USR02 for UFLAG = 128 (locked due to wrong password) and where it found it, would pass the userID into something like BAPI_USER_UNLOCK (not sure if this is exactly the one you want but you get the idea).

Unlock would be performed, user & basis team informed that this had happened - I'm sure there is loads of code out there to do this part.

Hope that helps

Cheers

Alex