on 03-04-2018 6:34 PM
Hello All,
Please let me know if there is a way to provision roles through IDM to users in ABAP using To custom pass without touching identity store. We have tried it but this will remove the existing roles and will assign only the roles which was passed.
We want to add these roles along with the existing roles which were already present. Please let me know if anyone is has answers for this.
Regards
Vinay
Hi Vinay,
Did you create any non provisioning job and trying to push roles to backend SAP system? If yes, then pass the values as below in the roles attribute.
Attribute Value
logonuid %BNAME%
roles role1|role2|role3
Example:
Now if you want to assign additional role to user in SAP system via IDM without using IDM provisioning framework, (privilege is not assigned in IDM but directly in SAP system. This is not best practice, always ensure the roles assignments are in sync between IDM and Target system) then pass the roles as below in the non provisioning job.
Attribute Value
logonuid %BNAME% (hope you retrieving this value from a table using an SQL query in the source tab)
changetype modify
roles ROLE_A|ROLE_B|ROLE_C
Regards,
Deva
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.