Automation Tool to reset SAP passwords and the locking/unlocking of SAP users

It all started with a discussion with one of my colleagues who is working as an SAP security consultant.

During this discussion, I realized that they get multiple requests for resetting passwords and locking or unlocking users, which consumes a good amount of their time. By the time the discussion ended, I thought of creating a program/tool to automate these requests to save time for other productive tasks.

I have discussed the steps to automate in this blog. 

Input for the program

There are two required inputs to run the program:

1. User ID: This is to get the User ID for which action to be taken. The tool can receive multiple User IDs at a time. 
2. Radio Buttons (Password Reset, User Lock, User Unlock) - This is to give options to the user to select relevant action to be taken.

Output of the program

• The output will have a list of all the User IDs passed in the selection screen and a status for each User ID showing if the request has been completed or not.
• The program will also trigger emails to users individually to let them know the new password or update them about their user status.

Now, let's see the logic behind this program. I have created a flow diagram for it to have a better understanding

Program Logic

Image 1: Flow Diagram of logic (Designed via draw.io) 

Note:  Email IDs of the users will be captured from user data (Tables: USR21 & ADR6)In-case email id is not maintained in user data, email will be sent to the person running this program.

Function modules used inside the program:

•    BAPI_USER_CHANGE - To change/reset password

•    BAPI_USER_LOCK - To lock the user

•    BAPI_USER_UNLOCK - To unlock the user

Class used inside the program:

To trigger emails, CL_BCS class is used.

Email Structure:

Email structure (Designed via draw.io) 

4. Authorization:

Only SAP Security Team or immediate managers would be authorized to use this program.

Conclusion

I hope you find the above steps helpful in setting up the automation tool for setting passwords in SAP. If you need further assistance then feel free to reach out to me