SAP BI 4.2 SP05 : Changing SAP BW password from BI Platform

DISCLAIMER

This document summarizes the planned enhancements in the next SAP BI 4.2 Support Package 5 in BIPlatform. As the SAP BI 4.2 SP5 content is still subject to change, please consider the below legal disclaimer statement:

The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the permission of SAP. This presentation is not subject to your license agreement or any other service or subscription agreement with SAP. SAP has no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation and SAP’s strategy and possible future developments, products and or platforms directions and functionality are all subject to change and may be changed by SAP at any time for any reason without notice. The information in this document is not a commitment, promise or legal obligation to deliver any material, code or functionality. This document is provided without a warranty of any kind, either express or implied, including but not limited to, the implied warranties of merchant ability, fitness for a particular purpose, or non-infringement. This document is for informational purposes and may not be incorporated into a contract. SAP assumes no responsibility for errors or omissions in this document, except if such damages were caused by SAP´s wilful misconduct or gross negligence.

All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of their dates, and they should not be relied upon in making purchasing decisions

Overview

Traditionally, SAP BusinessObjects Business Intelligence Platform had provided the mechanism to import users from SAP ABAP systems such as BW and re-use the underlying ABAP systems for user authentication. For this, BI platform had a separate authentication type called as SAP or secSAPR3.

But, the limitation with this user authentication mechanism was that whenever a user password expired or was reset by the BW administrator, the BI Platform did not allow the users to login and change their password. End users received an error message while trying to login to the BI Platform using SAP credentials.

The only option left to the end users was to use SAP GUI or any other client to do an explicit logon to their SAP systems, change their password, and then come back and use the newly set password to login into BI Platform.

This created a lot of problem for the end users and didn’t provide a seamless experience.

Starting from 4.2 SP05, whenever secSAPR3 authentication mechanism is selected for logon, end users will have the options to change ABAP/BW system password in CMC and BILP (old and new) if their password is expired and they are required to change it at next logon.

Please Note: Password reset option is only available when it is forced from the ABAP system. And will be available to users only during logon. End user cannot change the password whenever they want.

Let’s look at the use cases below:

User ZMOUR1 belonging to R79 system tries to login to CMC using authentication type as SAP and providing all the relevant details.

Since old password is no longer valid, user ZMOUR1 is re-directed to change password page. User creates a new password and clicks OK.

Upon successful reset of password, user is re-directed back to the logon page. User can login to the system using new password.

Let’s look at the second use case .

User ZMOUR2, belonging to R79 system, tries to login to new BILP using authentication type as SAP and provides all the relevant details.

Since the old password is no longer valid, user ZMOUR2 is re-directed to change password page. User creates a new password and clicks OK. Upon successful reset of the password, the user is re-directed back to logon page. And the user can login back using new password

In case new password maintained by the user does not conform with the password policies of the underlying SAP system, the user will receive an error with the error message number. User needs to provide a new password which respects the password policies.

Similarly, while accessing opendoc URL, a user will be asked to change ABAP system password, if they are using SAP authentication for logon and the existing password is no longer valid

Error will be displayed if new password does not conform to password policy:

Please Note: Upon successful password reset, opendoc application throws an error.

This is a known issue and will be fixed in future. This happens because currently opendoc does not support re-direction to login page.

Workaround: Users need to re-launch opendoc URL and provide the credentials again (new password) to access the report.