cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User group Field (User Group for Authorization Checks) of users through IDM via IDM 7.2/8.0?

Go to solution
Former Member

on ‎07-28-2017 1:09 PM

0 Kudos

Hello experts

i have a big doubt , that i have to populate t User group Field (User Group for Authorization Checks) in ABAB system of users via IDM 7.2/8.0.

I'm using standard abab connector package.

i'm unable to Map attributes b/w AS ABAB and SAP IDM 7.2 for this field. I tried to use some field/attribute name like user group, usergroup, even parameter name, but no luck , i could'nt do it.

The other User group (Groups/User Group Assignments) provided by SAP (which is not relevant for authorization check) is mapped as usergroups and IDM attribute for this is MX_USER_CATEGORY.

Still could'nt find the field with values,

whenever i use to update user profile , this user group(authorization checks ), left empty

and we are manually filling out .

Kindly help out to resolve this issue !!

Thanks!!

Mano

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-01-2017 7:15 PM

Mano:

From the pass CreateABAPUser the pass attribute is CompanyId and IdM attribute is MX_ADMIN_UNIT.

Regards

Andy

Show replies
Show replies

Answers (3)

Answers (3)

Steffi_Warnecke
Active Contributor
‎08-01-2017 12:07 PM

Hello Mano,

I think the ABAP connector attribute you're looking for is "CompanyId". At least that is the one we are filling with the SAP user group.

.

Regards,

Steffi.

Show replies
Show replies
Former Member
‎01-15-2018 3:25 PM
0 Kudos

Hi Steffi , I'm facing the same issue.

i want to update the user's group in ABAP from IDM.

When I went to Create Identity in SAP IDM ,In which Field I've to enter the User Group value.

regrads

Siva

Steffi_Warnecke
Active Contributor
‎01-15-2018 4:21 PM
0 Kudos

Hello Siva,

I can't help you with that since I don't know which fields are on your "create identity" form. 😉 We have a custom form as I would imagine pretty much every company has.

The technical names of the fields are already mentioned in answers here as is the connector field, so you should have everything to implement this or use it (if the provisioning to the ABAP backend systems is already implemented).

.

Regards,

Steffi.

Former Member
‎01-15-2018 4:44 PM
0 Kudos

,

Hello Steffi,

thanks,

I went inside the

http://<host>:<port>/idm/ interface and ---> selected the manage tab --> Create Identity.

Do I need to Create Custom Form for Create Identity . We are currently in initial Phase.

Regards

siva

Steffi_Warnecke
Active Contributor
‎01-16-2018 3:09 PM
0 Kudos

You need access to the management console to implement and/or check this. The admin UI won't help you here.

Also this is an old thread and you're hijacking it. If you have questions, it's always better (and also following the Rules of Engagement) to create a new question and link to other threads/discussions/blogs that relate to it instead posting in an old question. 😉

.

Regards,

Steffi.

devaprakash_b
Active Contributor
‎12-20-2017 11:12 AM
0 Kudos

Hi Mano,

1. check whether the mentioned user group is available in abap system

2. check whether user group is available in idm helpvalues table

3. check whether usergroup is maintained for the user via attribute MX_ADMIN_UNIT

4. check whether %MX_ADMIN_UNIT% is maintained for companyId attribute in the destination tab of create/modify abap user pass

It would be easy to help you, if you can share screenshot of destination tab of create/modify ABAP user Pass.

Regards,

Deva

Show replies
Show replies
Former Member
‎12-19-2017 1:44 PM
0 Kudos

Hello Steffi,

actually we tried, but it is not populating in the ABAB system , so, we just created group and moving them manually to that group .

regards

Mano..

Show replies
Show replies
Steffi_Warnecke
Active Contributor
‎12-28-2017 3:40 PM
0 Kudos

Hello Mano,

"it's not populationg" is a bit thin to work with. 😉 Did you get an error? Which field did you use in IDM to fill the connector with? Is the group created in the backend already?

See Deva's reply for more ideas to check.

.

Regards,

Steffi.

former_member456057
Explorer
‎01-02-2018 12:16 PM
0 Kudos

Hello steffi,

Groups are already created and we are able to move them to that group, but we could not use that authorization check (user group(authorization checks )).

regards

Mano

Steffi_Warnecke
Active Contributor
‎01-02-2018 3:08 PM
0 Kudos

"but we could not use that authorization check (user group(authorization checks ))"

But that sounds like an issue with the groups and not with IDM, who is just used to write the user groups to the backend accounts. Or I'm misunderstanding your issue.

.

Regards,

Steffi.

Ask a Question