Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

Reset password in SAP enable account task

JohnLawson
Regular Contributor
Regular Contributor

I'm trying to use the ENABLEACOCUNTJSON in the SAP connector config to reset a password when enabling an account. Currently I have that json as:

{
"PASSWORD": {
"BAPIPWD": "${'totallyrealpassword'}"
}
}

 

But it leaves the password deactivated:

JohnLawson_0-1682716088635.png

Does anyone know why it isn't resetting the password?

The password shows correctly generated in the logs:

JohnLawson_0-1682716359487.png

And the user gets unlocked

JohnLawson_1-1682716408437.png

Thank you!

{This post has been edited by a moderator to merge two posts.]

8 REPLIES 8

prasannta
Saviynt Employee
Saviynt Employee

Hi @JohnLawson 

Can you share the entire Enable Account JSON? Also can you check if the CODVN is set to X on the account?

Thanks

JohnLawson
Regular Contributor
Regular Contributor

Here is the enable account json. I've changed around the actual password generation logic for security reasons but you can get the gist of it.

{
"ADDRESS": {
"LASTNAME": "${user?.lastname}",
"FIRSTNAME": "${user?.firstname}",
"FULLNAME": "${user?.displayname}",
"E_MAIL": "${user?.email}",
"DEPARTMENT": "${user?.costcenter}",
"TEL1_NUMBR": "${user?.phonenumber}",
"LANGU_P": "EN",
"COMM_TYPE": "INT"
},
"GLTGB": "99991231",
"PASSWORD": {
"BAPIPWD": "${'somepassword-'.concat((user?.lastname.substring(0,1).toLowerCase()).concat(user?.firstname.substring(0,1).toLowerCase().concat('-'.concat(user?.state))))}"
}
}

set CODVN = H under Password


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

rushikeshvartak
All-Star
All-Star

You have deactivated password based login only SSO login will work. Does sap support password based login if yes why its deactivated for user


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

As a security requirement, when we fire someone, we have to disable the user's password, lock the account, and set the expiration date. 

When we rehire them, We have to reactivate this account. Currently we are able to unlock the account, remove the expiration, but we aren't setting the password back up (which we need to do but I can't get it working).

can you share json


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

The following is json I put in enable account json .. to try reset password from that operation .. as I do not see another way to trigger reset password: 

{
"ADDRESS": {
"LASTNAME": "${user.lastname}",
"FIRSTNAME": "${user.firstname}"
},
"PASSWORD": {
"BAPIPWD": "Acgtest@123",
"CODVN": "H"
}
}

 

When we try to reset password from ARS, it works well and it stops force password change. Is there any way I can trigger reset password ( similar to what we have in ARS) automatically with a specified password? 

abhiupadhyay
New Contributor III
New Contributor III

@JohnLawson did you find any solution for this? we are using the similar json, but it's not changing the password on SAP side. on SAP it still takes the old password and once logged in .. it asks to change the password