This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Creating a SAP user account with a deactivated password

Go to solution
Sampo
New Contributor III
New Contributor III

‎10/04/2022 05:19 AM

Hi,

does anyone know if it's possible to create a SAP user account with a deactivated password using Saviynt's SAP connector? The customer is using SAP CUA and single-sign-on so any new accounts created from Saviynt should have a deactivated password.

If we use the following config in SAP connector's CREATEACCOUNTJSON then the password is shown as "Initial password (Set by Administrator)" in SAP:

"PASSWORD":{"BAPIPWD":"${randomPassword}"}

I have also tried to add the following to LOGONDATA with no success:

"PWDSALTEDHASH":"",

"PASSCODE":"",

"BCODE":"",

"LTIME":"",

"CODVN":"X"

 

Best regards,

Sampo

Labels:
0 Kudos
3 REPLIES 3

Go to solution
rushikeshvartak
All-Star
All-Star

‎10/04/2022 06:42 AM - edited ‎10/04/2022 10:18 AM

You can't skip password while creating account however remove GUIFLAG from SNC Module

 

{
    "ADDRESS":{
        "LASTNAME":"${user.lastname}",
        "FIRSTNAME":"${user.firstname}",
        "E_MAIL":"${if(user.email!=null  && !user.email.isEmpty()) {user.email}else{''}}"
    },
    "ALIAS":{
        "USERALIAS":"${accountName}"
    },
    "LOGONDATA":{
        "USTYP":"A",
        "GLTGB":"${if(user.enddate!=null){new java.text.SimpleDateFormat('yyyyMMdd').format(user.enddate)}else {'99991231'}}",
        "GLTGV":"${if(user.startdate!=null){new java.text.SimpleDateFormat('yyyyMMdd').format(user.startdate)}else {new java.text.SimpleDateFormat('yyyyMMdd').format(new Date())}}",
        "CODVN":"X",
        "CODVC":"X",
        "CODVS":"X"
    },
    "PASSWORD":{
        "BAPIPWD":""
    },
    "SNC":{
        "PNAME":"p:CN=${user?.customproperty7?.toUpperCase()}@${user?.customproperty32?.toUpperCase()}"
    }
}

 


Regards,
Rushikesh Vartak

Go to solution
avinashchhetri
Saviynt Employee
Saviynt Employee

‎10/04/2022 07:11 AM

@Sampo,

To create a user account with deactivated password flag set to true, under LOGONDATA, pass the following:

"CODVN": "X",
"CODVC": "X",
"CODVS": "X",


Under PASSWORD, pass the password as blank as shown :


"BAPIPWD" : ""

 

 

Regards,
Avinash Chhetri

Go to solution
Sampo
New Contributor III
New Contributor III

‎10/04/2022 02:24 PM

Thanks @avinashchhetri  and @rushikeshvartak, adding 'CODVN': "X", "CODVC: "X", "CODVS": "X" and setting "BAPIPWD" as empty instead of using a random password seems to have fixed this problem.

Best regards,

Sampo

0 Kudos
Copyright © 2023 Khoros, LLC