I'm wondering if there is a way to logon to sap either via web or command prompt, script etc. in order to create a batch file to reset my own passwords on multiple SAP Boxes and Clients. I currently have over 100 ID's and passwords and it's starting to get time consuming having to reset them every month.

There are 3 options I am aware of:

1)  - CUA is not recommended.

2)  - Writing a program is not recommended and should not be possible.

3) Set up a system in the network to which ONLY you have access to (should there be such a thing). No other users in any client except DDIC and SAP* which must be you. You will also need to consider several other levels of access to this system. Then maintain SM59 with connections to all the systems and their clients for the 100 user accounts which you have.

Advantage: You have a sort of manual "SSO".

Debatable topic: As the session generated is not recognized by the system as a dialog session (even although it looks and works like one), you can skip the 30 days policy... (As it is possible to crack SAP passwords like swatting flies, the 30 days only helps against auditors)

Debatable topic: You can now set up up very complex passwords which are all different because you don´t need to remember them- This is a very little bit more protected against dictionary attacks than what poor passwords are with SAP´s neandertholic password regime.

Disadvantage: When you do change the password(s), you have to change them twice... i.e. 1 time more than before...

Major disadvantage: Anyone who gets into your central system, gets to go everywhere!!!!!

Note: The backend of SM59 is client independent, so DO NOT think that you are alone in a client!

Return to :-
SAP ABAP/4 Programming, Basis Administration, Configuration Hints and Tips