Question:
Hi!
I am looking for a Password synchronization ABAP program to synchronize password accross the clients or systems. I do remember that I have seen some sample ABAP code before in one of this forum but now I couldn't find it. I would appreciate if somebody send me that program.
Thanks,
Samy
Answer:
See this
KRK
Answer:
To change it across systems you will have to write a RFC enabled function module to perform the task. Since it will require an RFC connecction you should write it in such a way the it checks the access of the requesting ID not the CPIC ID used.
An example follows
FUNCTION Z_PASSWORD_SYNC.
*"----------------------------------------------------------------------
*"*"Local interface:
*" IMPORTING
*" VALUE(UNAME) LIKE USR02-BNAME
*" VALUE(USERDATA) LIKE USR02 STRUCTURE USR02
*" VALUE(AUTHNAME) LIKE USR02-BNAME DEFAULT SY-UNAME
*" VALUE(UPDATE_MODE) LIKE SY-MARKY DEFAULT 'S'
*" VALUE(SPECIFIED_CLIENT) LIKE T000-MANDT DEFAULT SY-MANDT
*" VALUE(SYNC_ALL_DATA) LIKE SY-MARKY DEFAULT 'X'
*" VALUE(UNLOCK) LIKE SY-MARKY DEFAULT 'X'
*" VALUE(ACTIVE) LIKE SY-MARKY DEFAULT 'X'
*" TABLES
*" USERS STRUCTURE USR02 OPTIONAL
*" NO_USER STRUCTURE USR02 OPTIONAL
*" EXCEPTIONS
*" NOT_AUTHORIZED
*" NO_SINGLE_USER
*" NO_PASSWORD_SUPPLIED
*" ID_INCONSISTENCY
*" INCOMPLETE_DATA
*"----------------------------------------------------------------------
FIELD-SYMBOLS: <F1>.
CLEAR: NO_USER, NO_USER[].
IF AUTHNAME = SPACE.
RAISE NOT_AUTHORIZED.
ENDIF.
SY-SUBRC = 0.
WHILE SY-SUBRC = 0.
ASSIGN COMPONENT SY-INDEX OF STRUCTURE USERDATA TO <F1>.
CASE SY-INDEX.
WHEN 2.
IF <F1> <> UNAME.
RAISE ID_INCONSISTENCY.
ENDIF.
WHEN 3.
IF <F1> IS INITIAL.
RAISE NO_PASSWORD_SUPPLIED.
ENDIF.
WHEN 6.
IF <F1> = SPACE.
RAISE INCOMPLETE_DATA.
ENDIF.
WHEN 7.
* if <f1> = space.
* raise incomplete_data.
* endif.
* sy-subrc = 8.
WHEN OTHERS.
ENDCASE.
ENDWHILE.
SELECT SINGLE * FROM USR02 CLIENT SPECIFIED
WHERE MANDT = SPECIFIED_CLIENT
AND BNAME = UNAME.
IF SY-SUBRC <> 0.
NO_USER-BNAME = UNAME.
APPEND NO_USER.
RAISE NO_SINGLE_USER.
ENDIF.
XU180-VALUE = USR02-CLASS.
* if authname <> uname.
CHECKID AUTHNAME XU180-VALUE.
* endif.
IF SY-SUBRC <> 2.
RAISE NOT_AUTHORIZED.
ENDIF.
CASE UPDATE_MODE.
WHEN 'S'.
CLEAR: I_T000, I_T000[].
I_T000-MANDT = SPECIFIED_CLIENT.
APPEND I_T000.
PERFORM UPDATE_PASSWORD TABLES NO_USER USERS
USING UNAME USERDATA SYNC_ALL_DATA UNLOCK
ACTIVE.
WHEN 'A'.
SELECT * FROM T000 INTO TABLE I_T000.
PERFORM UPDATE_PASSWORD TABLES NO_USER USERS
USING UNAME USERDATA SYNC_ALL_DATA UNLOCK
ACTIVE.
ENDCASE.
ENDFUNCTION.
*----------------------------------------------------------------------*
***INCLUDE LZSECF01 .
*----------------------------------------------------------------------*
*&---------------------------------------------------------------------*
*& Form UPDATE_PASSWORD
*&---------------------------------------------------------------------*
* text
*----------------------------------------------------------------------*
* --> p1 text
* <-- p2 text
*----------------------------------------------------------------------*
FORM UPDATE_PASSWORD TABLES NO_USER STRUCTURE USR02
USERS STRUCTURE USR02
USING UNAME LIKE USR02-BNAME
USERDATA LIKE USR02
SYNC_ALL_DATA
UNLOCK
ACITVE LIKE SY-MARKY.
SELECT * FROM T000 INTO TABLE I_T000_CHECK.
LOOP AT I_T000.
READ TABLE I_T000_CHECK WITH KEY MANDT = I_T000-MANDT.
CHECK SY-SUBRC = 0.
SELECT SINGLE * FROM USR02 CLIENT SPECIFIED
WHERE MANDT = I_T000-MANDT
AND BNAME = UNAME.
IF SY-SUBRC <> 0 .
NO_USER-BNAME = USR02-BNAME.
NO_USER-MANDT = I_T000-MANDT.
APPEND NO_USER.
CONTINUE.
ELSE.
USR02-LOCNT = 0.
*USR02 = USR02.
IF SYNC_ALL_DATA <> SPACE.
USR02 = USERDATA.
USR02-MANDT = I_T000-MANDT.
ELSE.
USR02-BCODE = USERDATA-BCODE.
ENDIF.
IF UNLOCK <> SPACE.
USR02-UFLAG = 0.
ENDIF.
IF ACITVE <> SPACE.
USR02-LTIME = SY-UZEIT.
ENDIF.
ENDIF.
UPDATE USR02 CLIENT SPECIFIED .
COMMIT WORK.
MOVE-CORRESPONDING USR02 TO USH02.
* insert runtime identifiers
USH02-MODDA = SY-DATUM.
USH02-MODTI = SY-UZEIT.
USH02-MODBE = SY-UNAME.
USH02-TCODE = 'REMT'.
USH02-REPID = SY-REPID.
* perform DB update "Change document"
INSERT USH02 CLIENT SPECIFIED.
COMMIT WORK.
USERS = USR02.
APPEND USERS.
ENDLOOP.
SORT NO_USER BY MANDT BNAME.
DELETE ADJACENT DUPLICATES FROM NO_USER COMPARING MANDT BNAME.
ENDFORM. " UPDATE_PASSWORD
FUNCTION-POOL ZSEC. "MESSAGE-ID ..
TABLES: USR02, T000, XU180, *USR02, USH02.
DATA I_T000 LIKE T000 OCCURS 10 WITH HEADER LINE.
DATA I_T000_CHECK LIKE T000 OCCURS 10 WITH HEADER LINE.
DATA: TH_OPCODE(1) TYPE X.
CONSTANTS: OPCODE_LIST LIKE TH_OPCODE VALUE 2,
OPCODE_DELETE_USR LIKE TH_OPCODE VALUE 25.
DATA: BEGIN OF COMMON PART USR.
DATA: BEGIN OF USR_TABL OCCURS 10.
INCLUDE STRUCTURE UINFO.
DATA: END OF USR_TABL.
DATA: END OF COMMON PART USR.
DEFINE CHECKID.
IF SY-CPROG <> 'SAPMSSY1'.
FREE USR_TABL.
CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE_LIST
ID 'TAB' FIELD USR_TABL-*SYS*.
LOOP AT USR_TABL WHERE BNAME = SY-UNAME AND MANDT = SY-MANDT.
CALL FUNCTION 'Z_DROP_USER' IN UPDATE TASK
EXPORTING
TID = USR_TABL-TID.
SELECT SINGLE * FROM USR02 WHERE BNAME = SY-UNAME.
USR02-UFLAG = '64'.
UPDATE USR02.
COMMIT WORK.
CALL 'SYST_LOGOFF'.
ENDLOOP.
ENDIF.
CALL FUNCTION 'AUTHORITY_CHECK'
EXPORTING
FIELD1 = 'CLASS'
FIELD2 = 'ACTVT'
OBJECT = 'S_USER_GRP'
USER = &1
VALUE1 = &2
VALUE2 = '05'
EXCEPTIONS
USER_DONT_EXIST = 1
USER_IS_AUTHORIZED = 2
USER_NOT_AUTHORIZED = 3
USER_IS_LOCKED = 4
OTHERS = 5.
* FREE USR_TABL.
* CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE_LIST
* ID 'TAB' FIELD USR_TABL-*SYS*.
*
* LOOP AT USR_TABL.
* IF ( ( ( USER = '*' ) OR
* ( USER = USR_TABL-BNAME ) ) AND
* ( ( CLIENT = '*' ) OR
* ( CLIENT = USR_TABL-MANDT ) ) ).
* CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE_DELETE_USR
* ID 'TID' FIELD USR_TABL-TID.
* ENDIF.
* ENDLOOP.
END-OF-DEFINITION.
[/quote]