Saviynt Forums

aundreb · ‎03/15/2023

Hello,

Is it possible to turn off random password generation for SAP connector? It looks to generate a random password by default. Currently I am trying to set a random password only if the user starts with xt otherwise use a password formula. Below is my CreateAccountJson where I pass in the logic to BAPIPWD. Regardless if the username starts with xt or not a random password is generated.

{
"ADDRESS": {
"LASTNAME": "${if(user?.lastname!=null){user.lastname}else{''}}",
"FIRSTNAME": "${if(user?.firstname!=null){user.firstname}else{''}}",
"E_MAIL": "${if(user?.email!=null){user.email}else{''}}",
"DEPARTMENT": "${if(user?.departmentname!=null){user.departmentname}else{''}}",
"FUNCTION": "${if(user?.title!=null){user.title}else{''}}"
},
"LOGONDATA": {
	"USTYP": "A"
},
"DEFAULTS": {
	"LANGU": "E",
	"DATFM": "5",
	"DCPFM": "X",
	"SPDB": "G",
	"SPDA": "D"
},
"CLASS": {
  "USERGROUP": "${if(task?.accountName.toString().toLowerCase().startsWith('t')){'SUPER'} else if(task?.accountName.toString().toLowerCase().startsWith('xt')){'CONSULTANT'} else{'Test'}}"
              
},
"PASSWORD": {
	"BAPIPWD": "${if(user?.username.toLowerCase().startsWith('xt')) {randomPassword} else {user?.lastname.substring(0,1).toUpperCase() + user?.lastname.substring(1,2).toLowerCase() + user?.customproperty63 + user?.username.substring(user?.username.length() - 3) + user?.customproperty64.substring(user?.customproperty64.length() -2) + '!'}}"
}
}

SB · ‎03/21/2023

Can you try to pass static value for the conditions in the password and see if that works with the if else clause.

Regards,
Sahil

aundreb · ‎03/24/2023

Hello Sahil,

It still only gives a random password if I put in a static password into the if else statement.

Password I got:

Logic ->

aundreb · ‎03/24/2023

So looks like the correct password is being set correct, but the email template does not send the correct password using ${account_password} variable. What is the correct variable to use to send the password?

SB · ‎03/27/2023

Can you try with ${task?.password}.

Regards,
Sahil

aundreb · ‎03/27/2023

Still doesn't work, email template sends a random password that doesn't work, while the password set from the SAP connector works.

SB · ‎04/03/2023

I checked this and the password we are setting is part of the json. The json gets triggered only when the task is provisioned so it will not be saved in the task itself and we will not be able to send this password in an email. The random password function on the other hand gets generated when the task is created and so can be sent via the email.

Regards,
Sahil

aundreb · ‎04/05/2023

Hi Sahil,

I'm not sure I'm following this. So what is the password variable to use in the email template?

Thanks,

Aundre

SB · ‎04/05/2023

The password currently being sent is the default random password that saviynt generates when the task is created. In your scenario, you are using the JSON to send a different password which does not get stored in Saviynt. And so cannot be sent in the email.

Regards,
Sahil

aundreb · ‎04/05/2023

That sounds like a bug doesn't it? Saviynt should store whatever password is set by the connector otherwise how would you know what the password is unless you hardcode it?

SB · ‎04/11/2023

Saviynt currently provides the functionality to set Random password based on OOB functionality but in this case you are using the JSON to build a custom function to set the password on top of the random password function Saviynt provides.

As an alternate approach though, can you try to define this same if/else clause in your email template and see if it works.

Regards,
Sahil

aundreb · ‎04/12/2023

I've tried this already. While it works for the predefined logic, the randompassword logic does not work because the email template still does not match what is being set by the connector.

rushikeshvartak · ‎04/11/2023

"LOGONDATA": {
                "GLTGB": "99991231",
        "GLTGV": "${new java.text.SimpleDateFormat('yyyyMMdd').format(new Date())}",
        "CODVN" : "X",
        "CODVC" : "X",
        "CODVS" : "X",
        "USTYP": "A",
"CLASS":"${USERGROUPS}"
     },
"PASSWORD":{},

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

aundreb · ‎04/12/2023

Hi Rushikesh,

Are you saying to just set the logic on PASSWORD and not BAPIPWD? If so, have you tested this and confirmed it works?

Thanks,

Aundre

Srinivas_N · ‎06/19/2023

try hardcoding

"PASSWORD": {
"BAPIPWD": "Welcome@123"
}

Saviynt Forums

Turn off random password generation for SAP