SAP Identity Management: multiple modify tasks triggered for MX_PERSON when changing attributes and assigning/removing roles at the same time

For SAP Identify Management 7.1, 7.2 and 8.0 the following system behavior may be observed:

• When you modify attributes with SAP Identity Management Web UI, multiple modify tasks for these attributes are triggered to the backend systems.
• In most cases this is possible to happen when you do this together with another UI action:

          – change the attributes contained in the modify tasks trigger attributes (e.g. MX_FIRSTNAME) for MX_PERSON and

          – assign/remove MX_ROLE objects.

• You have not defined attribute MXREF_MX_ROLE as modify task trigger attribute (In the SAP Provisioning Framework, modify task trigger attribute is defined on the system privilege PRIV:SYSTEM:<repository_name> )

The described behavior can be reproduced:

• Logon to the IDM Web UI
• Change any modify task trigger attributes’s values for a user and assign/remove business roles for it in the same time

This behavior is in very rare cases and it cannot be prevented. It assures the correct provisioning of modified attribute’s values to backend systems. It does not cause any provisioning errors.