Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Assignment OK, but assignment status failed.

Go to solution
Former Member

on ‎2013 Jun 21 9:50 AM

0 Likes
1,132

Hello experts,

I have implemented the approval workflow which was working smooth. But today when I have done an assignment, it went for approval and after the approver has approved the assignment request, it triggered a mail saying assignment has approve( as we configured). But the status of the assignment is Failed. I am confused here. This happened in production. Can you please tell me were to check the root cause of this assignment failure. Please find below the relavant screenshots.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
Former Member
‎2013 Jul 08 2:55 AM
0 Likes

Hello All,

I have resolved this issue, using the new repair assignment feature that is going to be available with IDM 7.2 SP8. For pre SP8 version, you will be able to get the database objects from SAP.

Firstly the issue was the ACCOUNT%$rep.$Name% attribute was not created for AD repository of the user, which I have resolved my self.

Then for provisioning the assignments I have used the repair assignments. The detailed steps I have followed are mentioned in my blog on this. I will share the link for the blog once it is approved by moderator.

Thanks,

Krishna.

Show replies
Show replies
Former Member
‎2014 Jul 17 10:05 AM
0 Likes

Hi Krishna,

Can you kindly let me know how you resolved the issue of adding ACCOUNT%$rep.$Name% attribute for AD repository with out deleting the user in AD?


We faced similar issue recetly for a ABAP system but our scenario is enterprise role based solution where every role contains <RepName>ONLY privilege along with the business privileges.


Now when IDM 7.2 SP8 system tried to assign this enterprise role to user as the user ID already exist in the ABAP system the <RepName>ONLY privilege assignment got failed and hence the assignment of all the business privileges gone to pending status.


Since we are using IDM role based solution, as per design all privileges must be assigned to users through IDM enterprise roles only (including  <RepName>ONLY privilege).


For your case If the ACCOUNT%$rep.$Name% attribute got assigned to user through mass import job/initial load job through flat file, can you kindly suggest what could be the easiest solution for our case (i.e role based solution)?

The current work around solution we did is deleting the user from ABAP system and retried the failed provisioning from IDM so that IDM can create the user again and assign the business privileges. 

Wanted to know whether there is any other solution with out deleting the user in the backend like above?

Regards,

Venkata Bavirisetty

ChrisPS
Product and Topic Expert
Product and Topic Expert
‎2014 Jul 17 10:18 AM
0 Likes

Hello Venkata,
                      best practice is to create a new thread as this thread is already answered.
In terms of the solution there are some internal database procedures which can be used to repair
assignments. See this blog which details how it can be used

http://scn.sap.com/community/idm/blog/2013/07/08/repair-failedstuck-pending-assignments

written by Krishna.

Thanks

Chris

IdM Space Moderator

Ask a Question