Skip to Content
avatar image
Former Member

IdM: Automatically assign a privilege when create a user

Dear all,

I want automatically assign a privilege to a user, when a create this user. How I have to do this? Must I use dynamic group?

My idee is: All of our people need a account in the SAP portal, so I want to assign automatically the privilege PRIV:PORTAL:ONLY to the user.

Best regards,

Hans

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

4 Answers

  • Best Answer
    avatar image
    Former Member
    May 13, 2014 at 06:02 AM

    Dear Tero,


    Thank you for your replay.

    My user will create automatically in my IdM and not in the UI.

    Do you think, I have to add the attribute MXREF_MX_PRIVILEGE to my task? The value of the attribute, was the MSKEY value auf my privilege?

    Best regards,

    Hans

    Add comment
    10|10000 characters needed characters exceeded

  • May 09, 2014 at 06:36 AM

    Lot of options depending your requirements..

    Dynamic group is one option but it requires small configuration effort.

    If it's all users, maybe then an add event task for MX_PERSON where you grant the privilege? Takes 5 minutes to do.

    Are there any exceptions? Do you have also non-dialog users in your IdM?

    Any requirements for deprovsioning?

    Where do you get the users? If it's SAP HCM-integration case and no users are created in the UI, then add the privilege in the job that moves the identities from staging Id Store to your master Id Store.

    regards, Tero

    Add comment
    10|10000 characters needed characters exceeded

  • May 13, 2014 at 08:23 AM

    Hello,

    I implemented a similar solution last week to assign the PRIV:UME privilege as soon as a new user is created via the IDM UI.

    Krz,

    Laurent


    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    May 14, 2014 at 10:26 AM

    Thank, that is good way!

    Add comment
    10|10000 characters needed characters exceeded