Skip to Content
author's profile photo Former Member
Former Member

Delete SAP-Role using SAP IDM

Hi experts,

we have an current topic regarding the use of SAP IDM to delete SAP-Roles.

Current situation:

At the moment we use recon jobs from abap and active directory to get new objects and relations to SAP IDM. What could happen is that an administrator deletes an SAP-Role in ABAP or a Group in Active Directory. In SAP IDM nothing happens because there is no new object and no new relations.

What we want to do:

We want to handle that topic using IDM. For example a UI-Task "Delete privilege in the target system".


There is no Plugin-Task for deleting an SAP-Role (what I expected, that there is something like an ACCOUNT_ATTRIBUTE for an "MX_PRIVILEGE" object, refering to the repository) and when I remove it the privilege is removed in the target system but not in SAP IDM. I cannot find anything like that. One solution is to do it also in the recon-jobs to identify the missing objects and react to it, but we what to deactivate the recon jobs in the future.

Any ideas? THX


Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Posted on Sep 07, 2016 at 09:42 AM

    Hello Matthias,

    we use the delta handling of the job, that reads new sap roles into IDM, to delete SAP roles in IDM, that are no longer present in the ABAP backend.

    We don't have a task/UI mask, though, to trigger that actively. Role management happens directly in the backend. We only do user-role management through IDM.



    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.