on 04-01-2010 3:15 PM
Hi All,
I created a job that reads a file and creates users in the identity store.
All these users must be added to a Role with MSKEYVALUE ROLE_EMPLOYEE.
In the to Identity store pass I added this line:
MSKEYVALUE %USERID%
...
MXREF_MXROLE <ROLE_EMPLOYEE>
...
When I run the job without the role assignment there is no error and the user is created.
Running it with the role assignment I get this error?
putNextEntry failed storingJoachimVanPraet
Exception from Add operation:com.sap.idm.ic.ToPassException: ToIDStore.addEntry
failed storing entry 'JoachimVanPraet'. IDStore returned error message: "
User is not allowed to run task:Attribute: MXREF_MX_ROLE" when storing attribute
'MXREF_MX_ROLE=<ROLE_EMPLOYEE>'
Exception from Modify operation:com.sap.idm.ic.ToPassException:
ToIDStore.modEntry failed updating entry 'JoachimVanPraet'. IDStore
returned error message: "Entry does not exist" when fetching entry
Who can help me out?
kr,
Joachim
Joachim,
Please try replacing the ROLE_EMPLOYEE with its MSKEY. You can find this by querying it in the mxiv_sentries view with
attribute = "MSKEY" and aValue= <ROLE_EMPLOYEE>.
Hope this helps.
Thanks
Shabna
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi all,
Yes I did, the job is working when I remove the line MXREF_MX_ROLE.
I allready tried te replace the <EMPLOYEE_ROLE> in the MSKEY of the role.
I also tried to do it the other way around. Assigning the user to the MXMEBER attribute of the role.
Entry type: MX_ROLE
MSKEY: <EMPLOYEE_ROLE>
MXMEMBER_MX_PERSON: <JoachimVanPraet>
changeType: modify
Result:
putNextEntry failed storingEMPLOYEE_ROLE
Exception from Modify operation:com.sap.idm.ic.ToPassException:
ToIDStore.modEntry failed modifying entry 'EMPLOYEE_ROLE'.
IDStore returned error message:
" User is not allowed to run task:Attribute: MXMEMBER_MX_PERSON"
when storing attribute 'MXMEMBER_MX_PERSON={A}<JoachimVanPraet>'
strange thing: when I create the user without MXREF_MX_ROLE I can assign the role in the UI without any problem...
kr,
Joachim
User | Count |
---|---|
89 | |
10 | |
9 | |
9 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.