cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Role/Privilege Shows in OK Status but not replicating in AD Backend System

Go to solution
ravi_paul
Participant

on ‎02-15-2018 10:29 AM

0 Kudos

Hi Experts,

In my current assignment, IDM Being parent system and AD,SAP system are Child system. And we are managing few AD groups dynamically based on user's location.

Issue is a user is assigned to AD group Dynamically in IDM via Role, which shows OK status in IDM however it didn't replicated into AD.

Issue is for Role Delete Button is disabled as Role is assigned to user Dynamically.

Can you please advise me action?

Show replies
Show replies
Steffi_Warnecke
Active Contributor
‎02-15-2018 4:26 PM
0 Kudos

Hello Ravi,

is this issue just for one user or for all?

And please share also your IDM version and database.

.

Regards,

Steffi.

PS: Your secondary tag ("BW Operational Data Provisioning (ODP") has nothing to do with IDM or this question, so I would ask you to delete it.

ravi_paul
Participant
‎02-16-2018 9:33 AM
0 Kudos

Its just one user. Other users are working fine.

We are in IDM 7.2 version, SQLOLEDB

I just think, is there a way I can push the assignment again?

Answer

Accepted Solutions (1)

Accepted Solutions (1)

Steffi_Warnecke
Active Contributor
‎02-16-2018 2:10 PM
0 Kudos

You wrote, that the business role is assigned dynamically? I assume you mean via a dynamic group?

The easiest way to re-assign that business role and trigger reassigment of the attached privileges would be to exclude the mskey of the user in the SQL filter query of the dynamic group, recalculate the group (the user will be deleted from the BR), wait a moment, then put the SQL filter back to normal, recalculate the dynamic group again and check if the assignments now went to the backend.

.

That's what I normally do. ^^

Show replies
Show replies
ravi_paul
Participant
‎02-20-2018 12:12 PM
0 Kudos

So I have another case, what if Privilege is in Pending state?

Situation is similar - I'm unable to remove Privilege as Privilege is coming from Dynamic Role.

Steffi_Warnecke
Active Contributor
‎02-20-2018 12:14 PM
0 Kudos

Then you need to check why it is pending. Maybe the account is not created, maybe it's another reason. Channel your inner Sherlock Holmes and try to find the underlying issue. 😉

.

Regards,

Steffi.

Answers (0)

Ask a Question