Skip to Content
author's profile photo Former Member
Former Member

Unable set Validity Dates to the Privileges using uIS_SetValue function in SAP IDM

Hi Friends,

I am performing Role Provisioning - by using uIS_SetValue Function in SAP IDM.

I have values Usermskey, PrivilegeMskey, and IDStore.

and i am using uIS_SetValue function, please see the syntax:

var NewValue = uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM="+ 2014-12-08 + "!!VALIDTO=" +2014-12-25 + "}" + "<" + PrivilegeMskey + ">");

Please tell if i am wrong because this function is returning an error: Please check attached File.

Capture.JPG (20.9 kB)
Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

3 Answers

  • Best Answer
    Posted on Dec 08, 2014 at 11:18 PM

    Hi Kishor,

    I guess you do not really put the dates as numbers in there? If this is really your code you calculating 2014 - 12 - 08 which is 1994 😊 Otherwise they are a string as well and thus must be in double quotes.

    Then you are using the MSKEY of the privilege in the <> brackets. Those you would only use for the MSKEYVALUE in a to-identity pass. The syntax <MSKEYVALUE> is getting resolved to the MSKEY at runtime. If you are using MSKEY already you wont use the brackets.

    uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM=" + validFromDateString + "!!VALIDTO=" + ValidToDateString + "}" + PrivilegeMskey);


    uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM=2014-12-08!!VALIDTO=2014-12-25}" + PrivilegeMskey);



    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Dec 11, 2014 at 05:41 PM

    Hi Norman,

    Thanks for Reply.😊

    Norman,The syntax you have provided is working fine, whenever i assign ONLY privilege to the user by using uIS_SetValue Function, ADD Member Task is getting triggered, ONLY privilege is assigned successfully to the user, but ADD Member task is not getting completed, on IDM UI assignment is showing Pending status, SYSTEM privilege is unable to assign after ONLY privilege.😕

    Even if i assign a privilege to the user using IDM UI with Validity Period, same thing happen, in job log showing just User has been created in the Target system but nothing happen beyond User creation e.g. Add system privilege...Apply pending on the group etc.

    This is happen when i am giving Validity Dates to the Privileges, otherwise without Validity Dates every thing is ok.😎

    Please suggest me.


    Kishor Kajale


    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Dec 12, 2014 at 10:27 AM

    Hi Kishor,

    The answer for your question can be found in the help file for uIS_SetValue function,

    no entry event tasks are started using uIS_SetValue and as suggested by Norman, please use "to Identity Store" pass to perform the update.

    For the same reason it is not recommended to use uIS_Create function to create an entry.

    Kind regards,


    uIS_SetValue.PNG (16.2 kB)
    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.