on 06-30-2009 9:02 AM
Hi,
i have problems to get any user to access the self services tab on IdM user interface...´
(i habe SAP Netweaver 7.0 and SAP IdM 7.1 with MS SQL 2005 and installed latest patches for
Designtime and the UI)
The documentation explains that i have to create a role and assign it to all authenticated users. Then a action must be assigned to the role (idm authenticated, which should put the following service into action: sap.com_tcidmjmx~ump). After that the self service tab should appear for all authenticated users...but it doesn´t...
I have read in the documentation that the users must have an entry in the identity center with an MSKEYVALUE that is identitcal to the userID in the UME...i don´t really know how to realize that.
Any help on that topic would be much appreciated!
Thanks in advance!
Florian
You should search as
*idm*
(with astericks, without spaces).
Edited by: AlexCrane on Feb 1, 2010 10:34 AM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
HI!
I'm following the installation guide for IDM UI.
At page 44 there is:
Initial configuration
Authentication of the users logging on to the Identity Management User Interface is done by the
User Management Engine (UME). What parts of the Identity Management User Interface is
available depends on which UME actions are assigned to the user. The UME action
sap.com_tcidmjmx~ump.idm_authenticated gives general access to the application and
enables the tab "Self Services".
Before running the User Interface a role needs to be created, giving any authenticated user a
general access to the Identity Management User Interface. To do so, you must have a user that
has a permission to create and assign roles when logged-on the UME.
For details, see SAP NetWeaver Identity Management Security Guide.
Adding user to the identity store
Users must also have an entry in the Identity Center's identity store with an MSKEYVALUE
identical to the user ID in the UME. Whether this user is created in the Identity Center before or
after the role creation is not of importance.
But on my NW 7.1 EHP1 (MS SQL 2005) there is not the UME action called sap.com_tcidmjmx~ump.idm_authenticated
How can I go on ??
And then... How can I access to my Identity Store ?
regards
PiCo
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Many thanks for your help!
@Christian: It did the trick, thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Florian,
The other thing to consider is the access rights for the task in question that you wish to make Self Service.
Make sure that the access controls are set for:
Allow access for --> Logged-in user or identity store entry
ID Store --> As needed
On behalf of : User or identity store entry
The access control grid will then read:
Accesstype Value On behalf of Value
Logged in All Self All users (self-Service)
I checked this in 7.0 and 7.1. (BTW 7.1 also allows the "self" relationship)
Hope this helps!
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello
Go to your Identity Store
Click the General Tab
Click Add user
Entry Type: MX_PERSON
User name: <Your User>
This should do the trick.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.