Skip to Content

If you are new to SAP Netweaver Identity Management then hopefully these blogs will help to familiarize yourself with the common tasks you may have to carry out. One of the main tasks as a user will be to assign business roles and privileges to users. So how is this achieved and what if something goes wrong ? Keep reading and I’ll explain further …

Assuming that a web enabled task (WET) to assign roles/privileges is available and you have been assigned access then you are ready to go. In the UI navigate to the Manage tab and search for the user that you wish to work with. If you don’t know the users full id then you can use a wildcard search. Once the user is found highlight the user id and hit the button “Choose Task” . The list of available tasks will be shown. Choose the task Assign Privileges, Roles and Groups and press the Choose Tasks button (hint: if you frequently will use this task then you can add it to your favourites so you do not need to navigate to the task each time you wish to use it).

Choose Assign Task_v2.png

On the next screen you have a number of tabs where you can assign busines roles, privileges and groups. In this example we will assign a privilege from a connected AS ABAP server EDM. In the below screenshot you can see that on the left pane you can search for available privileges in the Identity Center. Search for the privilege in this case the abap role SAP_TREX_ADM which has the unique id PRIV:ROLE:EDM:SAP_TREX_ADM.

Highlight the role and choose the add button. Enter a validity for the privilege or leave this empty which will mean the assignment will never expire. ! Remember if the validity date is set to the future IDM will not provision the ABAP role to the Identity until this date is arrived at.

Once saved the ABAP role will appear on the right pane as one of the assigned privileges assigned to the user.

save assignment_v2.png

IDM will then provision this privilege to the connected backend AS ABAP system.

Check Part II of this blog to see how we can check the assignment status of your newly assigned privllege and what to do if something goes wrong.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply