on 2019 Nov 18 10:26 PM
I am running IDM 8 and I am trying to modify a users access via the IDM UI for a certain repository.
Provisioning shows as OK status but does not update the user in the ABAP system.
I get the following error
I have review the users account and can see that the use has the valid Priv_xc1010 only for that specific repository.
I also checked and the user has the System related priv assigned to them as well.
When I run the following sql statement I am able to see that the user does not have the Attrname for ACCOUNTXC1010
select*from idmv_value_basic_active where mskey ='45927'
How can I update this users account so that I can update use IDM to deprovision the users access?
I have tried to provision this user to other environments and it works no problem.
This user and others like it came in as part of an initial load.
MX_PERSON who have an account in a repository must have the ACCOUNT%$rep.$NAME% attribute set to their logon ID in that repository, in addition to having assignments to PRIV:%$rep.$NAME%:ONLY and PRIV:SYSTEM:%$rep.$NAME%.
If that constraint is not fulfilled for some of your data, then this data is inconsistent - maybe because of wrong logic in the initial load job that created the inconsistent entries.
One way to fix this is to implement a data cleansing job that processes the inconsistent entries to add the missing ACCOUNT%$rep.$NAME% attribute, typcially using a toIdStore pass.
After running such a job, deprovisioning the account from SAP IDM web UI will no longer run into the problem shown in your screenshot.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Robert,
As Lambert said, check the user in DB, is he having AccountXCXC1010 attribute with mskeyvalue. If it is not there, fix. Problem can be solved.
Regards,
Jay
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
57 | |
11 | |
7 | |
6 | |
6 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.