Here is our new idea, how to manage a mass number of users in SAP IdM. As most of you may know, the standard IdM UI doesn’t allow a mass change of users.
Mass User Data Administration tool provides role based access for Administrators and Managers and is used for user master data & access maintenance – for a number of users. It enables the user to load the data directly from IdM or just to upload an Excel file and complete the action.
MUDA UI separates the 4 main functionalities into sections (Fig.1):
Master data update, Master access update, Mass user lock/unlock and File Import.
Note: In order to find the targeted user(s), each functionality has a Filter (Fig.2) which searches for the users by already selected criteria directly in IdM. The possible filters are dynamically loaded, as all of the attributes are pre-defined in IdM. By pressing the “GO” button, the search in the IdM is executed and returns a result (Fig.3) and in case such one is found it will be added to the table content.
1. Master data update UI
The Master data update functionality enables the mass change of multiple user attributes.
In order to do a master data update you can select from the “Choose table columns” dropdown (Fig.4) the attributes, you would like to update or to see in the table.
When you select your filter criteria and then press the “Go” button. After a result has been generated we can change the values of the attribute you want, or use the Replace All functionality to replace multiple rows which have a certain value with a new one (Fig.5).
On pressing submit, the table content will be submitted and if any validation error occurs, the wrong row will be highlighted in red and an error panel will appear, displaying all the errors messages. After successful submission a popup with the request ID opens (Fig.6)
and a status of the current request appears on right side in the table toolbar and the status will be auto refreshed (Fig.7).
2. Master access update UI
Master access update UI gives us the possibility to assign or un-assign multiple roles and privileges to multiple IdM users at the same time.
Again we have to filer for the users and access we want (Fig.8):
In case the action is “Assign” – action validity should be selected (Fig.9).
By pressing the “Assign/Unassign” button, all entries without values in the table will be filled with the values defined in the toolbar above the table (Fig.10). On pressing submit, the table content will be submitted and if any validation error occurs, the wrong row will be highlighted in red and an error panel will appear, displaying all the errors messages.
3. Mass user lock/unlock UI
The mass user lock/unlock functionality enables us to lock/unlock a number of selected users. By default – MX_LOCKED attribute is a mandatory filter and the value Locked is pre-selected (Fig.11).
Note: To be able to execute a mass (single is also an option) lock/unlock we have to select a filter criteria, choose a value for the MX-Locked radio button and press the “Go” button. In case the option Locked is selected, all users, which match the filter criteria and are locked will be displayed in the table.
4. File Import
This feature provides all functionalities of this Add-On in a single UI view, just by uploading an excel file. The user is able to assign/un-assign access, lock/unlock users and update user’s master data (Fig.12).
5. Custom MUDA requests created for the submitted UI mass changes – used for auditing purposes. After the UI request finishes we can search the same request in the standard IdM UI by his Request ID (Fig.13).
6. IdM customizations:
- custom Entry Types _MUDA
- custom job – managing the submitted mass requests changes
- custom IdM UI – on SAPUI5 for mass user data/access changes
- custom UI tasks for the MUDA request – used for auditing
Hope you like it 🙂