Monday, December 15, 2014

Custom Program to change mass password in SAP !!

We all know how much pain it is to reset password if we have a list of hundreds of user !! :(
In the past days I developed a program with one of my friend, which can help us to reset password for no. of users !!
You can ask your ABAP Consultant to develop a REPORT with below code (only if your client allows), and execute same
to reset password for no. of user.
Like and Comment if you find this useful.

Cheers
Priya Ranjan Singh
SAP Security Consultant

*&---------------------------------------------------------------------*
*& Report ZH4RU_BC_PASSWORD_MASS_CHANGE
*&
*&---------------------------------------------------------------------*
*&
*&
*&---------------------------------------------------------------------*

REPORT ZHR4U_BC_PASSWORD_MASS_CHANGE message-id zpassword.

tables usr01.

data: lt_return type bapiret2 occurs 0 with header line.
data: message type string.
data: lw_user type BAPIBNAME-BAPIBNAME.
data: it_bname type standard table of usr01, wa_bname type usr01.
data: dummy type bapipwd value 'n$NRC}va9/w-/WxYikSp8~a+Zb=NU7+oEVv'.

select-options: s_bname for usr01-bname obligatory NO INTERVALS.
parameters: p_passw type bapipwd obligatory.

SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 1(13) vText10.
SELECTION-SCREEN POSITION 15.
PARAMETERS: rb11 RADIOBUTTON GROUP rb1.
SELECTION-SCREEN COMMENT 18(10) vText11.
SELECTION-SCREEN POSITION 35.
PARAMETERS: rb12 RADIOBUTTON GROUP rb1.
SELECTION-SCREEN COMMENT 38(10) vText12.
SELECTION-SCREEN END OF LINE.

SELECTION-SCREEN BEGIN OF LINE.
SELECTION-SCREEN COMMENT 1(13) vText20.
SELECTION-SCREEN POSITION 15.
PARAMETERS: rb21 RADIOBUTTON GROUP rb2.
SELECTION-SCREEN COMMENT 18(15) vText21.
SELECTION-SCREEN POSITION 35.
PARAMETERS: rb22 RADIOBUTTON GROUP rb2.
SELECTION-SCREEN COMMENT 38(30) vText22.
SELECTION-SCREEN END OF LINE.

AT SELECTION-SCREEN OUTPUT.
vText10 = 'Log info:'.
vText11 = 'short'.
vText12 = 'detail'.
vText20 = 'Password must'.
vText21 = 'not be changed'.
vText22 = 'be changed at first logon'.

at selection-screen.

* loop at s_bname where option ne 'EQ'.
* message e001.
* endloop.

start-of-selection.
select *
from usr01
into corresponding fields of table it_bname
where bname in s_bname.

* loop at s_bname.
loop at it_bname into wa_bname.
* select count(*) from usr01 where bname in s_bname.
select count(*) from usr01 where bname = wa_bname-bname.
if sy-subrc ne 0.
* write: / 'Userid:', s_bname-low , 'is not found in database'.
write: / 'Userid:', wa_bname-bname , 'is not found in database'.
continue.
endif.

if rb22 = 'X'.
dummy = p_passw.
endif.

* Write: / 'about to reset password for user:', s_bname-low.
* lw_user = s_bname-low.
lw_user = wa_bname-bname.
CALL FUNCTION 'BAPI_USER_CHANGE'
EXPORTING
USERNAME = lw_user
PASSWORD = dummy
PASSWORDX = 'X'
* don't work PRODUCTIVE_PWD = rb21
TABLES
RETURN = lt_return.
CALL FUNCTION 'BAPI_TRANSACTION_COMMIT'.

if rb21 = 'X'.
CALL FUNCTION 'SUSR_USER_CHANGE_PASSWORD_RFC'
EXPORTING
BNAME = lw_user
PASSWORD = dummy
NEW_PASSWORD = p_passw.
CALL FUNCTION 'BAPI_TRANSACTION_COMMIT'.

* update USR02 set PWDHISTORY = '1' where BNAME = wa_bname-bname.
* update USR02 set PWDSTATE = '0' where BNAME = wa_bname-bname.
* update USR02 set PWDINITIAL = '2' where BNAME = wa_bname-bname.
* commit work.
endif.

if rb12 = 'X'.
Write: / 'about to reset password for user:', wa_bname-bname.
loop at lt_return.
write: / '.....' , lt_return-MESSAGE.
endloop.
write : / '.', '.', '.'.
endif.

if rb11 = 'X'.
read table lt_return index 1.
message = lt_return-message.
Write: / 'About to reset password for user:', wa_bname-bname.
Write: at 55 '...', message.
endif.

endloop.
if sy-subrc ne 0. write: / 'No user selected'. endif.