cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable set Validity Dates to the Privileges using uIS_SetValue function in SAP IDM

Go to solution
Former Member

on ‎12-08-2014 7:50 PM

0 Kudos

Hi Friends,

I am performing Role Provisioning - by using uIS_SetValue Function in SAP IDM.

I have values Usermskey, PrivilegeMskey, and IDStore.

and i am using uIS_SetValue function, please see the syntax:

var NewValue = uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM="+ 2014-12-08 + "!!VALIDTO=" +2014-12-25 + "}" + "<" + PrivilegeMskey + ">");

Please tell if i am wrong because this function is returning an error: Please check attached File.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

normann
Advisor
Advisor
‎12-08-2014 11:18 PM
0 Kudos

Hi Kishor,

I guess you do not really put the dates as numbers in there? If this is really your code you calculating 2014 - 12 - 08 which is 1994 Otherwise they are a string as well and thus must be in double quotes.

Then you are using the MSKEY of the privilege in the <> brackets. Those you would only use for the MSKEYVALUE in a to-identity pass. The syntax <MSKEYVALUE> is getting resolved to the MSKEY at runtime. If you are using MSKEY already you wont use the brackets.

uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM=" + validFromDateString + "!!VALIDTO=" + ValidToDateString + "}" + PrivilegeMskey);

or

uIS_SetValue(Usermskey,IDStore,"MXREF_MX_PRIVILEGE","{VALIDFROM=2014-12-08!!VALIDTO=2014-12-25}" + PrivilegeMskey);

Regards

Norman

Show replies
Show replies

Answers (2)

Answers (2)

jaisuryan
Active Contributor
‎12-12-2014 10:27 AM
0 Kudos

Hi Kishor,

The answer for your question can be found in the help file for uIS_SetValue function,

no entry event tasks are started using uIS_SetValue and as suggested by Norman, please use "to Identity Store" pass to perform the update.

For the same reason it is not recommended to use uIS_Create function to create an entry.

Kind regards,

Jaisuryan

Show replies
Show replies
Former Member
‎12-12-2014 11:08 AM
0 Kudos

Hi, I am using SAP IDM 7.2 SP09 version.

Former Member
‎12-11-2014 5:41 PM
0 Kudos

Hi Norman,

Thanks for Reply.

Norman,The syntax you have provided is working fine, whenever i assign ONLY privilege to the user by using uIS_SetValue Function, ADD Member Task is getting triggered, ONLY privilege is assigned successfully to the user, but ADD Member task is not getting completed, on IDM UI assignment is showing Pending status, SYSTEM privilege is unable to assign after ONLY privilege.


Even if i assign a privilege to the user using IDM UI with Validity Period, same thing happen, in job log showing just User has been created in the Target system but nothing happen beyond User creation e.g. Add system privilege...Apply pending on the group etc.


This is happen when i am giving Validity Dates to the Privileges, otherwise without Validity Dates every thing is ok.


Please suggest me.


Regards,

Kishor Kajale

9673691740

Show replies
Show replies
normann
Advisor
Advisor
‎12-12-2014 9:27 AM
0 Kudos

Hi Kishore,

I have never used uIS_SetValue with validity dates on an account privilege, only on normal privileges. Only workaround I could suggest is using toIdentityStore pass instead of uIS_SetValue. My add member tasks are always toIdentityStore passes as you have repository and just need simple syntax:

MSKEYVALUE=%MSKEYVALUE%

changetype=modify

MXREF_MX_PRIVILEGE={A}<PRIV:%$rep.NAME%:ONLY>

What version are your running on?

Thanks

Norman

Former Member
‎12-12-2014 11:09 AM
0 Kudos

Hi, I am using SAP IDM 7.2 SP09 version.

Ask a Question