Skip to Content

For SAP Identify Management 7.1, 7.2 and 8.0 the following system behavior may be observed:

  • When you modify attributes with SAP Identity Management Web UI, multiple modify tasks for these attributes are triggered to the backend systems.
  • In most cases this is possible to happen when you do this together with another UI action:

          – change the attributes contained in the modify tasks trigger attributes (e.g. MX_FIRSTNAME) for MX_PERSON and

          – assign/remove MX_ROLE objects.

  • You have not defined attribute MXREF_MX_ROLE as modify task trigger attribute (In the SAP Provisioning Framework, modify task trigger attribute is defined on the system privilege PRIV:SYSTEM:<repository_name> )

The described behavior can be reproduced:

  • Logon to the IDM Web UI
  • Change any modify task trigger attributes’s values for a user and assign/remove business roles for it in the same time

This behavior is in very rare cases and it cannot be prevented. It assures the correct provisioning of modified attribute’s values to backend systems. It does not cause any provisioning errors.

To report this post you need to login first.


You must be Logged on to comment or reply to a post.

  1. Jai Suryan

    Hi Stefan,

    We are in IDM 7.2 SP9

    We have multiple updateABAPUser task triggered for one user for same repository though we haven’t changed anything via UI. It was HR delta changes via writeHCMEmployee task. Is it common and not prevented as well?

    Kind regards,



Leave a Reply