Enabling Users to Reset Their Own Password

Use

When your business users logon on with user ID and password, inevitably some forget their password. To help these users, you can enable a logon help link on the Welcome screen. Business users choose this link, enter their data in the request form, and, assuming they entered their data correctly, receive a new password from the system. The user management engine (UME) generates the password and e-mails it to the business user.

You can determine what data the business users must provide. The following data is required:

· Logon ID

· E-Mail address

The following data is optional:

· First name

· Last name

The business users must enter this data exactly as it appears in their user profile.

You can configure the use of a security question. This provides an additional layer of security. The user must answer the question correctly in addition to entering data in the request form. You can either use a list of five predefined, hard-coded questions or enable users to write their own security question. When entering the answer to the security question, the AS Java ignores case.

Recommendation

Configure self-registration to enable users to choose their own security question and answer in the self-registration form. Enable self-management so users can maintain the question and answer in their user profile.


If you configure the use of a security question and answer, the user must maintain these fields in the user profile, or the user cannot request a new password.

Prerequisites

· You have SAP NetWeaver Application Server (AS) Java 7.0 SPS 12 and higher.

This Web Dynpro application replaces the legacy Java Server Pages (JSP)-based application. The JSP-based application remains available for backward compatibility.


If you upgraded from a release previous to SAP NetWeaver 7.0 SPS 12 and you already configured logon help, you continue to use the legacy JSP-based application as you configured it. To use the Web Dynpro-based logon help application, follow the configuration steps below.

Users of SAP NetWeaver AS Java 7.0 SPS 12–13, see also SAP Note 1082019.

For more information, see Configuring Legacy Logon Help.

· This procedure requires you to restart the AS Java, so you should plan for the required downtime while the AS Java restarts.

· You have configured e-mail notification.

Without e-mail notification, business users cannot receive new passwords.

For more information, see Configuring E-Mail Notification.

· If you configure the security question and answer, you must configure self-management. Without self-management, business users cannot maintain their security question and answer.

For more information, see Configuring Self-Management.

· To enable users to choose a security question and answer when they register, you have configured self-registration.

For more information, see Configuring Self-Registration.

Procedure

...

1. Start user management configuration.

For more information, see Configuring User Management.

2. Choose the User Admin UI tab.

3. Choose Modify Configuration.

4. Determine which optional features you want to configure and save your changes.

¡ To configure what data business users must provide, set the Require First and Last Names in Logon Help indicator.

¡ To configure a security question choose from the following options:

To enable business users to enter their own security question, select Enable Security Question.

To enable business users to select their security question from a list of predefined questions, select Use a Predefined Security Question.

5. Assign the UME action UME.Logon_Help to a role assigned to the group anonymous users.

6. Restart the AS Java.

Result

If you have existing users in your installation and you enable the security question and answer, notify your users that they should log on and maintain their security question and answer. Without a security question and answer, these users cannot reset their own passwords.

End of Content Area

No comments:

topics