Skip to Content
avatar image
Former Member

SAP IDM User Not getting Deleted in IDM nor Created in Connected System.

User created in SAP IDM with assignments to SAP ABAP systems.

Where we entered wrong user group

MX_ADMIN_UNIT. The user has not been created in

SAP ABAP systems . After that even when i assign the
correct Group ( which is in all connected systems )
the user not got created. Even when I assign
Roles they are not getting assigned in backend SAP Systems.But in IDM UI the roles are visible as assigned.

Even when i try to delete the user. its not been deleted.

we need to use the same user ID as it we use SSO.

Now the user is not created in SAP AbAP systems from IDM
Nor it is getting deleted from IDM.
Is there any way to fix this.

Error log while deleteing user



error-log-idm.png (19.1 kB)
Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Mar 05, 2018 at 08:36 AM

    Hi Siva,

    Please do note that, from next time onwards, whenever you are posting any question, kindly provide basic details as below and mention them clearly. It will be very helpful for others to provide a solution. In many of your questions you can see Steffi Warnecke asking for the version details. Please follow the guidelines mentioned by Matt Pollicove in this link

    IDM System Version:
    Support Pack Version:
    Database Type:
    Troubleshooting Steps which you have performed to resolve the issue.

    Coming to your issue, as per the error message in attached screenshot, it states that the idm is unable to identify which user needs to be deleted.

    1. Check whether any value is maintained for this attribute ACCOUNT<mention REP_NAME here without angular brackets>. You can find this value in the database table/view - idmv_vallink_basic/idmv_value_basic. I assume this attribute wouldn't be maintained for the user as the user itself is not created in the target system.
    2. Check the master privilege (priv:rep_name:only) and role assignment status assignment status. you can find the status in the view idmv_link_ext2 , check for mcexecstate if it is in pending removal status (513/1536/1537), try to remove the role or if master privilege is assigned directly remove master privilege with out triggering member even tasks bu using {DIRECT_REFERNCE=1} attribute property and once it is completely removed, then reassign it after updating correct user group (MX_ADMIN_UNIT) to the user.

      If still didn't resolve, please provide the screenshot of the following details
      1) status of assignment in the UI
      2) assignment details in the view idmv_link_ext2 (with these columns mskey,mcexecstate,mcexecstaehierarchy,mcassigneddirect,mcorphan,mcuniqueid,mcvalidfrom,mcvalidto)



    Add comment
    10|10000 characters needed characters exceeded

  • Mar 03, 2018 at 08:34 AM

    Hi Siva,

    First can you check the System privilege and Only privilege corresponding to ABAP system, assigned to the user? in DB.

    Check the privilege/role status is OK or Pending as well.


    Jaya Kumar

    Add comment
    10|10000 characters needed characters exceeded