on 05-02-2013 11:44 AM
Hello,
I am in the process of doing an initial load from and ECC system into IDM and provioning roles back to ECC system. During this entire process I do not want IDM to change the users password or make their passwords disabled. I want the users to continue logging into SAPGUI without any impact. I am able to see that the password attributes are commented in the initial load for 'WriteABAPUser" pass. Is there anything else that I need to be careful about.
Martin.
Martin,
This should not be too difficult to do.
The basic rule of thumb would be to comment out the attribute entries in the modify job that you do not want updated.
These would be:
MX_PASSWORD
MX_ENCRYPTED_PASSWORD
MX_LOCKED
MX_DISABLED
This would need to occur in the ABAP Modify task.
Hope this helps!
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Martin
Disable the attributes in the CreateXUser and UpdateXUser hook tasks. You may want to update the initial load task attributes too to prevent those disabled flags from doing anything to your IDM users
Peter
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
To add, don't forget MX_PASSWORD_DISABLED as well. It writes to the ABAP connector attribute ispassworddisabled. Will remove the password from the user.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.