In the first part of my blog we looked at assigning privileges to an identity in the IDM system. In this part we will look at how to check the status of this assignment. Once again we choose the identity (search person type) and call the Display Identity task. Once called you can find the Assigned Privileges and Assigned Roles tab where you can check the assignments and their current status. Clicking on the assigned privileges tab I can see all the current assignements with status ok. This means the privileges are assigned successfully.

However searching I do not see the privilege that I had previously assigned PRIV:ROLE:EDM:SAP_TREX_ADM. In this case you can click the advanced link where additional search possibilities are presented. If the assignment is still pending then you need to search with the radio checkbox Any selected. The privilege is now displayed and its current status as pending. This means that the assignment is still being processed in the IDM system.

If there is a problem then the status will change to failed. In the below example the assignment of another ABAP role has failed. Find the cause for this and fix it. Then navigate back to the Assign Privileges, Roles and Groups task and perform an advanced search for privileges that are not yet assigned. Click on the failed link which will in the next popup screen allow you to press the edit/retry button. The status of the assignment will then change to retry and the provisioning request resubmitted.

Hopefully this blog has been useful if you are for example migrating from release 7.1 and are unfamiliar with some of the new features of release 7.2.