on 03-10-2015 11:05 PM
Hello
i have upgraded to the SAP provisionning framework2. Since then, everything seems to be working fine apart from the self service password reset. The password in the UME is reset, but not in the ABAP backend. I have applied SAP note 2010298 but with no success.
This was working fine before the upgrade
I have SAP IdM 7.2 SP09
any ideas ??
Y.
OK problem solved. I had to check the option "Enable Password Provisionning" in the Identity store ... this is strange as this option was not checked with the first version of SAP Provisionning Framework.
Thanks for your help !
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I have run the trace... This is very strange. I do not know whether the SQL request is wrong .. but apparently when the "Check password update" SQL request (select COUNT(VarName) from mxpv_audit_variables where AuditID=%AUDITID% and VarValue='%MSKEY%' and VarName='MARK_EXEC_PASSWORD_SET%MSKEY%') is run there is no entry in the database and nothing is triggered and therefore no password reset is done:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Youssef,
As well check your SYSTEM privileges, if the MX_ENCRYPTED_PASSWORD is listed into the Modify triggers list in the Tasks-tab.
BR,
Simona
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Simona,
The MX_ENCRYPTED_PASSWORD is listed in the modify triggers list in the tasks tab of my SYSTEM priviledge :
As i said, this was working perfectly before the upgrade to SAP Provisionning Framework 2. This is very strange. I have checked the jobs, and the "ChangePasswordOfABAPUser" is never triggered ... for some reason
Hello,
what value does the mx_password_disabled-attribute have for your users? Check also the ABAP-repositories that the MX_HOOK8_TASK is set.
regards, Tero
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Youssef,
There's a few things that I can think of:
1. I'm assuming that all dispatchers are up and running... Are the set to the new jobs? Are the enabled?
2. Have you enabled the trace to see what tasks are firing and what ones are not?
3. Check to make sure that if you have tasks that are linked, make sure that you're referencing the right tasks.
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Matt,
1- the dispatchers are indeed running. The jobs are enabled. I guess the dispatcher is set to the new jobs as the password in the UME of the java instance linked to IdM get reset.
2- I have not set the trace. But there is something weird when i reset the password as i get this:
3- I think the right tasks are referenced as the password gets updated in the Java instance of IdM
User | Count |
---|---|
91 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.