System Admin Role/Profile

Special Remarks:

These roles should be sufficient. If not, the customer has added extra security such as S_TABU_DIS etc. Therefore the customers are responsible for adding the missing portion. This can be analyzed in transaction ST01 under authorization trace for the system user.
MyPass connects to SAP through RFC where it calls both a custom function module as well as a standard SAP module. For this it uses a specific SAP user that can be created with authorization exactly for these operations.

1. Create Function Group “Z_FPC_PASSWORD”
2. Create Function Module “Z_FPC_PASSWORD_CHANGE”
3. Create SAP User “PWRESET”
4. Create SAP Role “Z_FPC_PASSWORD”

After following the step-by-step instructions in the 4 sub-sections, your system will be ready to be used as a Password Synchronization target or a Password Reset target from invoked from your MyPass Password Manager installation. All instructions take offset in the main screen of the SAP Client and it is expected that you are logged in as a SAP overall administrator.