Skip to Content

In the first part of my blog we looked at assigning privileges to an identity in the IDM system. In this part we will look at how to check the status of this assignment. Once again we choose the identity (search person type) and call the Display Identity task. Once called you can find the Assigned Privileges and Assigned Roles tab where you can check the assignments and their current status. Clicking on the assigned privileges tab I can see all the current assignements with status ok. This means the privileges are assigned successfully.

current asignments.PNG

However searching I do not see the privilege that I had previously assigned PRIV:ROLE:EDM:SAP_TREX_ADM. In this case you can click the advanced link where additional search possibilities are presented. If the assignment is still pending then you need to search with the radio checkbox Any selected. The privilege is now displayed and its current status as pending. This means that the assignment is still being processed in the IDM system.

assignment pending.PNG

If there is a problem then the status will change to failed. In the below example the assignment of another ABAP role has failed. Find the cause for this and fix it. Then navigate back to the Assign Privileges, Roles and Groups task and perform an advanced search for privileges that are not yet assigned. Click on the failed link which will in the next popup screen allow you to press the edit/retry button. The status of the assignment will then change to retry and the provisioning request resubmitted.

retry assignment.PNG

Hopefully this blog has been useful if you are for example migrating from release 7.1 and are unfamiliar with some of the new features of release 7.2.

To report this post you need to login first.

6 Comments

You must be Logged on to comment or reply to a post.

  1. Krishna Kumar Duddu

    Hi Christopher,

    I am facing a similar problem. I did role assignment. After the approver approves the assignment, the status is displayed as failed for this assignment. Can you please suggest where should I have to check to identity the cause for this failure.

    Thanks,

    Krishna.

    (0) 
    1. Christopher Leonard Post author

      Hi krishna,

                      check the privs assigned to the role and see if any of these failed. If they did

      then check the connector hook task for the priv and see if there are any errors in the job log (or check the overall job log for errors).

      Thanks,

      Chris

      (0) 
  2. Rashmi Hegde

    Hi Christopher,

    Thanks for the helpful information.

    We are using IDM 7.2 SP8, Netweaver 7.3.

    However the UI screens is different for us. I do not have the option to check direct/indirect assignments or check the staus of assignment and retry.

    In which version we can find these options and additional feature?

    Thanks

    Rashmi

    User Interface.JPG

    (0) 
    1. Christopher Leonard Post author

      Hi Rashmi,
                       did you deploy the SP8 UI on the NW 7.3 server ? You can check this by
      the version of the IDMIC component which you can check in the NWA.

      Thanks,

      Chris

      (0) 

Leave a Reply