Initial password when LDAP user created i SAP?

Similar Messages

• How to programmatically set initial password when a user is created in OID

  We are using the odihragent synchronization process to automatically create users in OID when an employee record is created. We would like to set the initial password for the newly created user to their last name + the last 4 digits of their SSN.
  The odihragent process is successfully creating the user in OID and populates the last name and the last 4 digits of the SSN in OID. According to an open SR I have with Oracle, we cannot use the odihragent process to set the initial password because any time the employee record is updated, the synchronization process will reset the password to last name + SSN. They have recommended that we use a pl/sql plug-in to set the password using the WHEN_ADD plug-in procedure.
  I am new to using OID and plug-ins and the examples provided in the Developer's Guide are limited.
  I would like to know if anyone else is using plug-ins or another process to set initial passwords when a user is created? If you are using plug-ins would you be willing to share a code sample?

  I am surprised that I have not received any responses... Surely there are others who are experienced with programmatically setting passwords when new users are programmatically created. Does anyone have any pointers on how to best accomplish this?

• CUA environment - changing the initial password of a user.

  Hi Gurus,
  I've encounter a perculiar issue when I assign an initial password to a user.
  My system setup is based on CUA where my Central admin is client 100, with child client 200.
  - I create an ID in client 100, set it to system 200, set initial password as "passW0rd". Save
  - The ID was created in 200
  - Logged in Client 100 using ID and "passW0rd", prompted for new password (i canceled the login)
  - When back to client 100 CUA, in SU01 I select ID and click "EDIT", under the logon data I retype the initial password to "P4ssword"
  - checked SCUL, it's green and user change
  - Logged in Client 100 using ID and "P4ssword", error in password
  - tried the old "passW0rd", prompted for new password.
  I puzzled why the CUA did not redistribute the changed initial password to client 200, another can any ideas?
  I also tried SU01 and click "reset password" button instead of "edit", the changed password was able to distributed to client 200.
  By password change is ok this way or not ok if change within edit mode?
  Thanks,
  Jansen

  Hi Sergo, 
  Yes I realise the "change password" works but for my case I cannot use that function. Any other suggestions. Cos by right even if I were to change in the logon data it should work right?
  Hi Juan,
  Yes I've checked, the IDOCs are in and successful.

• GRC 10: Initial password for multiple users creation in a ARQ request???

  Hi All,
  I was trying to create a request in ARQ for multiple users. I noticed that, I could add all the necessary required information for multiple users using the template. I added the roles as well. However, I could not set the initial password for multiple users as the tab "User System Details" (where the initial password is provided for a single user) is disabled!!!
  The users were successfully created in the R/3 system. However, due to non-availability of initial password, these users could not log into the R/3 system.
  May I know how to set the initial password for multiple users?
  Regards,
  faisal

  Vit,
  I was trying to test this multiple user creation scenario. But I am surprise to get a template where in I have only below mentioned fields:
  1. User Name
  2. User Id
  3. Email
  I filled these details and uploaded. Then filled the "User Access" details. While submitting the request, I got the error:
  "Last name is not mentioned for user id XXX"
  But there is not such column in provided template by GRC!
  I added 2 columns: First Name and Last Name and saved it and uploaded again. These details are not picked up!
  Following are the only columns shown:
  1. User Name
  2. User Id
  3. Email
  4. Manager
  Out of above, only "Manager" field is editable and others are disabled.
  Last time I remember, I has got complete template with all the columns. Unfortunately, I have deleted it and not available with me now.
  Any idea you have why am I getting such incomplete template?
  Regards,
  faisal

• LDAPSYNC Reconn Job: LDAP User Create and Update Reconciliation

  OIM 11.1.1.5.4 (BP4) libOVD, trusted data source oid 11.1.1.5.0
  I have the reconn job working " LDAP User Create and Update FULL Reconciliation"
  But the incremental job not working "LDAP User Create and Update Reconciliation"
  No errors found in the oim server logs
  the msg found with the indication of the execution of the job.
  Has anyone been successful with the job "LDAP User Create and Update Reconciliation"
  [2012-10-21T08:09:03.922-04:00] [oim_server1] [NOTIFICATION] [IAM-1020005] [oracle.iam.scheduler.impl.quartz] [tid: OIMQuartzScheduler_Worker-2] [userId: oiminternal] [ecid: 0000Je3Cacy3n3WjLxuHOA1GWyFa000002,0] [APP: oim#11.1.1.3.0] Job Listener, Job was executed QuartzJobListener.jobWasExecuted Description null FullName DEFAULT.LDAP User Create and Update Reconciliation Name LDAP User Create and Update Reconciliation
  TIA
  gadba

  has any one had that worked, for the incremental job of ldapsync recon ?

• HT204409 How do I change or reset my password for my wifi? I have forgotten my initial password when I setup the wifi and now cant use it with my iPod but it still works with my iPad as the password option doesn't come up like the iPod.

  How do I change or reset my password for my wifi? I have forgotten my initial password when I setup the wifi and now cant use it with my iPod but it still works with my iPad as the password option doesn't come up like the iPod.

  If you are saying that the iPod asks for the password for the network and you do not know it, what may work is to turn on iCloud keychain for the iPod and iPad., Thet may sync the password from the iPad to the iPod
  http://9to5mac.com/2013/10/26/how-to-setup-and-use-icloud-keychain-for-mavericks -and-ios-7/
  Otherwise you will have to go into the router settings and reset the wifi password in the router

• OIM 11g - Set a default password when a user is created

  Hi everybody,
  I'm trying to set a default password when I create a user manually but I've got some errors.
  I firstly created a pre-process event handler to generate automatically a login and an email for a user who is created and it worked fine. But now I'm trying to generate a default password (like "ChangeIt" for example) that the user will have to change the first time.
  This is the code I wrote :
  public EventResult execute(long processId, long eventId, Orchestration orchestration) {
  String methodName = "EventREsult execute";
  System.out.println("###### " + className + " - method " + methodName + " - STARTED");
  HashMap<String, Serializable> parameters = orchestration.getParameters();
  System.out.println("###### OK1");
  String firstName = (String)parameters.get(UserManagerConstants.AttributeName.FIRSTNAME.getId());
  System.out.println("###### OK2");
  String lastName = (String)parameters.get(UserManagerConstants.AttributeName.LASTNAME.getId());
  System.out.println("###### OK3");
  String userKey = (String)parameters.get(UserManagerConstants.AttributeName.USER_KEY.getId());
  System.out.println("###### OK4");
  String userLogin = firstName + lastName;
  parameters.put(UserManagerConstants.AttributeName.USER_LOGIN.getId(), userLogin);
  System.out.println("###### OK5");
  parameters.put(UserManagerConstants.AttributeName.EMAIL.getId(), firstName + "." + lastName + "@test.test");
  System.out.println("###### OK6");
  parameters.put(UserManagerConstants.AttributeName.PASSWORD.getId(), "ChangeIt");
  System.out.println("###### " + className + " - method " + methodName + " - ENDED");
  return new EventResult();
  And When I try to create a user, I've got the error : "An error occured. Null input buffer"
  This is what I have in the console :
  <10 mai 2012 16 h 44 CEST> <Error> <oracle.iam.identity.usermgmt.impl> <IAM-3050030> <Exception lors de la rÚalisation de l'opÚration.
  java.lang.IllegalArgumentException: Null input buffer
  at javax.crypto.Cipher.doFinal(DashoA13*..)
  at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.decrypt(tcDefaultDBEncryptionImpl.java:219)
  at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:122)
  at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:200)
  at oracle.iam.platform.utils.crypto.CryptoUtil.getDecryptedPassword(CryptoUtil.java:136)
  at oracle.iam.transUI.impl.handlers.user.UpdateUsrPwdFields.updateUserPwdFields(UpdateUsrPwd
  Fields.java:124)
  at oracle.iam.transUI.impl.handlers.user.UpdateUsrPwdFields.execute(UpdateUsrPwdFields.java:
  71)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:
  898)
  <10 mai 2012 16 h 44 CEST> <Error> <oracle.iam.identitytaskflow.logging> <BEA-000000> <IAM-3060023>
  I know this is something due to the password parameter but I don't understand what is expected for this one ...
  If you someone could help me with this it would be really helpful !
  Thanks,
  Thibault

  Hi, Thanks for your quick answer !
  So it solved half of the problem ! Now I've got an other error : decrypt failed
  And this is the beginning of the error in the console :
  <10 mai 2012 18 h 14 CEST> <Error> <XELLERATE.ACCOUNTMANAGEMENT> <BEA-000000> <Class/Method: tcDefau
  ltDBEncryptionImpl/decrypt encounter some problems: Input length must be multiple of 16 when decrypting with padded cipher
  javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with pad
  ded cipher
  at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
  at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
  at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
  at javax.crypto.Cipher.doFinal(DashoA13*..)
  at com.thortech.xl.crypto.tcDefaultDBEncryptionImpl.decrypt(tcDefaultDBEncryptionImpl.java:2
  19)
  at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:122)
  at com.thortech.xl.crypto.tcCryptoUtil.decrypt(tcCryptoUtil.java:200)
  at oracle.iam.platform.utils.crypto.CryptoUtil.getDecryptedPassword(CryptoUtil.java:136)
  at oracle.iam.transUI.impl.handlers.user.UpdateUsrPwdFields.updateUserPwdFields(UpdateUsrPwd
  Fields.java:124)
  at oracle.iam.transUI.impl.handlers.user.UpdateUsrPwdFields.execute(UpdateUsrPwdFields.java:
  71)
  at oracle.iam.platform.kernel.impl.OrchProcessData.runPreProcessEvents(OrchProcessData.java:
  898)
  What does it means ? My password must be encrypted or something like this ?
  Thanks if you can help me with this !!
  Thibault

• How to only synchronize one specific LDAP user group with SAP?

  Hi,
  Hopefully this is the correct forum to post this in. I want to have continuous one-way synchronization of users from my LDAP server to my SAP central system. I've started configure in SAP using transaction SM59 and LDAP. Can I somewhere set that only one specific LDAP user group shall be transferred to SAP (they do not need to be assigned to any specific group, profile, role in SAP) - or should this be done on the LDAP server side (or is it at all possible)?
  Correct me if I'm wrong, but the User Group field in the report RSLDAPSYNC_USER only concerns SAP user groups right? This would therefore not be sufficient since I want to select the users to synchronize based on user groups in the directory.
  Thanks, Oscar

  We've used a repository constant to specify the LDAP filter for reading users / groups from the LDAP target.
  E.g. LDAP_FILTER_USERS (&(objectCategory=person)(objectClass=user))
  Then we also have a constant for the LDAP_STARTING_POINT
  For our AD Group Initial Load we filter according to these settings:
  LDAP_FILTER_GROUPS = (objectclass=group)
  LDAP_STARTING_POINT_GROUPS = ou=IDMManagedGroups,ou=Groups,dc=cfstest,dc=le,dc=ac,dc=uk
  The above example only reads AD groups starting at the specified OU
  Then in a Job From LDAP Pass the LDAP URL looks like this:
  LDAP://%$rep.LDAP_HOST%:%$rep.LDAP_PORT%/%$rep.LDAP_STARTING_POINT_GROUPS%?*?SUB?%$rep.LDAP_FILTER_GROUPS%
  I hope this helps
  Paul

• What is the password for 'oracle' user created during XE installation?

  Hi,
  What is the password for 'oracle' user automatically created when XE is installed?
  I installed XE on Linux and it's created under 'oracle' user, but I don't know 'oracle' password. So, I cannot stop TNS listener.
  During configuration, it prompted me to enter SYS and SYSADMIN password but it didn't ask me to enter 'oracle' user password.
  Please let me know or point me to the document.
  Thanks,
  N

  Hi Jari,
  I tried your suggestion, but it didn't work unfortunately.
  When I type (sudo su -oracle) as follows, it still prompts the password. When I hit Enter key w/o anything, it seems to proceed and the prompt shows up in the following line. So, I thought it was successful, but when I checked 'whoami', it's not logged in as 'oracle'.
  So, I created the password for 'oracle' and logged in as 'oracle' using a new password. Then, I stopped TNS listener to uninstall XE.
  It would be nice if it's documented in XE document somewhere... since it's created by XE installation, I assumed some kind of default password was used.
  Thanks,
  N

• Not able to type a password when trying to create a domain

  Hi,
  I am trying to create a domain and in that wizard, in Administrator name and password for weblogic user, I am not able to type the password. Whatever I type it doesn't get reflected in the UI . if I press Next button Error comes as password is mandatory. I am using Linux OS.
  P.S. I am able to type in Name and description fields.
  Kindly advise.
  Regards

  If anyone else face this issue, then here comes the resolution -
  Password Field Not Editable in Domain Template on Linux
  Bug: 10394900
  Added: 01-May-2011
  Platform: Linux
  On Linux, when creating a new domain using a developer template in the Oracle Fusion Middleware Configuration Wizard, the password and confirm password fields are not editable, and you cannot enter a password to create a domain.
  Workaround: Do one of the following:
  To work around the issue each time it occurs: Click the close window "x" button in the upper right corner of the Configuration Wizard. In the confirmation dialog that appears, click "No" to return to the Configuration Wizard. Now you can enter the password and confirmation password.
  To fix the issue permanently:
  Kill a scim processes. For example, kill "pgrep scim"
  Modify (or create) the file ~/.scim/config to include the following line:
  /FrontEnd/X11/Dynamic = true (follow case sensitivity)
  If you are running VNC, restart the VNC server.
  Run the Configuration Wizard again.
  Regards,
  Anuj

• Why does my iMac now ask for a password when trying to create a folder in Finder?

  Hi guys
  My iMac has started to ask me for my login password when I try and create a new folder using Finder. I concert folders on the desktop and drag to the correct location in Finder and I can also create folders in the tree view of Adobe Bridge both without having to enter a password. Any suggestions?
  Many thanks

  Give this a try:
  Reset User Permissions and ACLs
  Boot to the Recovery HD:
  Restart the computer and after the chime press and hold down the COMMAND and R keys until the menu screen appears. Alternatively, restart the computer and after the chime press and hold down the OPTION key until the boot manager screen appears. Select the Recovery HD and click on the downward pointing arrow button.
  From the Utilities menu select Terminal. At the Terminal prompt enter: resetpassword. Press RETURN. When the window opens select your startup drive where it says "Select the volume containing the user account:" At the bottom of the window you will see, "Reset Home folder permissions and ACLs." Click on the Reset button.

• Password change issue when updating user data in SAP ABAP system

  Hi Guru's,
  One of my reconciliation tasks part of the reconciliation job I've created is doing some strange password updates.
  As you can see below the task selects all users part of my identity store that are part of the account attribute of the particular ABAP system.
  Once these users are selected the task updates different data like username, validto, ... but the task is updating a lot of other things that are not part of the destination tab. What is causing the biggest issue is the password fields that are updated in the ABAP system like, password, productive password, ...
  Can you please advise if I missed something and how to solve?
  Thanks a lot,
  Laurent

  Hello Steffi,
  Yes in the ABAP systems they have the same timestamp. No other jobs are running at the same time.
  It is only happening to a few users depending on the ABAP system. On some ABAP systems there are only a few users for which the PW is reset and other systems 300.
  Example below of a system where I updated all user. In my pass only the following attributes should have been pushed thru to the ABAP system.
  However the valid from, accounting number and password have been updated as well.
  Thx,
  Laurent

• Initial password expires:Communication Users

  Hi All,
  I have created one user for early watch alert generation purpose user password expires every 15 days :
  Defined profile parameter is:login/password_max_idle_initial:14
  As per my understanding communication user password never expires.
  Kindly please suggest me
  Thanks in Advance
  Regards
  Nekkalapu

  Hi Siva,
  Thanks for you response.
  But it will effect to all the users right,sap also is not recomending to put 0 value this parameter.
  Is their any other way to resolev this issue.
  I am using communication users for generating earlywatch laerts.
  Advance thanks
  Regards
  Nekkalapu

• Reset Password of ldap Users

  Hi ,
  I am using Directory Server 5.2 Version. My query is:
  - How I can reset password of large number of users in Ldap.
  Help Required.
  TIA
  Nawaz

  Write an LDIF file that contains all the Modifications.
  You need to know the DNs of all the entries for which you want to reset the password.
  Then for each DN create a record (single line separation between the records)
  dn: cn=John,dc=example,dc=com
  changetype: modify
  replace: userPassword
  userPassword: changeme!
  dn: <another DN...>
  Regards,
  Ludovic.

• Creating materail in non sap system when it is create in sap

  Hi,
  As with the help of IDOC  we can perform the activity in multiple sap server,  like creation of material master if it is created in one system it can be created in other,  I have one requirement , we are suing one non sap systems there we are performaing some activity with the RFC,  now if any material is created in the sap system can we create the same in the non sap with IDOC. same time when it is being created in the sap.
  regards,
  zafar

  HI,
  You can use MATMAS03 or MATMAS05 idoc for transfering the material data to an externam system.
  You should define this in  outbound partner profile in WE20 trx.
  Here you maintain the the MATMA05 in out bound parameters, and select the mode as transfer idoc immediately in output mode, give the receiving port details also.
  Once the material is created, then it is automatically transfered .
  Regards,
  velu