Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

SAP NW ABAP Password Deactivation - via BAPI

Dear colleagues,

I need to deactivate passwords of user-ids that don't use password logon regularily. The more simple locking of the User-ID (BAPI_USER_LOCK) is not a feasable option as those user-ids need to stay unlocked for Logon-Ticket based access from the portal.

Password deactivation has to be done in a batch job: The job will "observe" that password based logon has not been used for a while (based on USR02-TRDAT as the portal logons are RFCs) and then deactivate passwords.

There is no problem to do this via SU01. Authorizations required are S_USER_GRP / 05 / ... . Just "Deactivate" in the password pop-up. Fine.

But as we need to do this via a background job, I tried to find a more slick way than Batch Input Sessions: An official BAPI or at least a handy (and sufficiently stable) function module to deactivate the password. But I failed ... . I seriously wonder whether I just overlooked it ...

I found what SU01 does - it finally calls SUSR_USER_PASSWORD_PUT, but there are too many things left and right to re-implement before and after it does that ... . SUSR_USER_CHANGE is not a help as well. And I don't what to mimik the effect of SUSR_USER_PASSWORD_PUT by "hacking" 0s into BCODE and 'X' into CODVN

So: If anybody knows a handy way to deactivate the password of an individual user from within an ABAP, let me know. Your help is greatly appreciated.

Best regards,

Ralf

p.s.: A BAPI that would set the lock for "too many invalid password attempts" (hex 80 in USR02-UFLAG) would also do the job ... - but I couldn't find this one as well.

Former Member
Former Member replied

Hello Ralf,

I am not to sure about a 6.10 system. Haven't seen one of those for a while now.

On an up-to-date patched system: Set the LOGONDATA-CODVN = 'X' (it will also default bcode to 0000000... not that that means very much though...) and activate the structure(s) as you wish.

Cheers,

Julius

PS: It is in the LOGONDATA structure. Not PASSWORD.

Message was edited by:

Julius Bussche

1 View this answer in context
Not what you were looking for? View more on this topic or Ask a question