cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP IDM - User Sync to UME Not Working

Former Member

on ‎07-26-2011 1:24 AM

0 Kudos

Hi All,

Currently we're planning to implement IDM 7.1 SP05 for ESS/MSS user Password provisioning. We're done the basic configuration as per the guides and HR Employers has sync to VDS and then to SAP Master Identity Store.

Now we wanted to sync these users back to IDM UI for setup Password provisioning as per guide 'User management for the Identity Management User Interfaceu2019.

However every times we assign the PRIV:UME Role to users it called the Global Task Event 'Modified User'. However as we understand it should call Create UME User, Modified UME User or Delete UME user task and which will create users in IDM UME.

Therefore users not created IDM UME and system also does not show enough log to analyse it. We've assign correct Privilege Task under PRIV:UME and it point to Create, Modified and Delete UME task as well.

Appreciate the support on same.

Thanks.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎07-27-2011 8:58 AM
0 Kudos

Hi Dinesh,

The privilege tasks that you've assigned to PRIV:UME, are they being triggered at all? Does anything show up in any of their job or system logs after you assign the privilege? are the create, delete and modify privilege tasks all AS JAVA tasks from the Provisioning framework?

Have you tried creating standalone UI tasks that link to these specific create, delete and modify tasks to see if they actually do anything in UME? If not, it would at least help ascertain whether or not these tasks just work on their own without any privilege dependencies.

Cheers!

Show replies
Show replies
Former Member
‎09-01-2011 3:26 PM
0 Kudos

I'm experiencing a similar problem.

Initial UME user sync worked - but not at all - it stopped after several users. Not all has been sync'ed.

When I now try to create/delete a user via assign/deassign PRIV:UME the CreateUMEUser does NEVER work (!!?) and the CeleteUMEUser only sometimes work.

In all cases when any of the UME methods (CREATEUMEUser or DeleteUMEUser) is expected but is not called ALSO NO entry can be found in the system log nor in the job log.

It's really hard to analyze when obviously ther eis no information/log available.

It seems that in many cases the method calls "simply" are NOT trigggered - but why ?

Any ideas how to follow up such a task ?

Kind regards

Stefan

Former Member
‎09-01-2011 11:25 PM
0 Kudos

Hi,

We already found solution for the issue, could not able to update the thread. Yes IDM system does not provides enough log, but you need to check the backed Java system for actual logs.

Please check below for the solution.

1. Make sure your Keys.ini set correctly as per guide (This could be the most reason)

2. If it set correctly you need to check provision enabled in the Dispatcher and try the assign the PRIV:UME again to users.

If you still have issue please let us know.

Thanks.

Former Member
‎09-06-2011 12:45 PM
0 Kudos

Dinesh

Thanks for the response.

But all you mentioned has been checked.

keys.ini is fine (I had a problem with that before), the provisioning option is set, all tasks are checked that they're enabled.

Simply when I assign PRIV:UME to a user a "ModifyUser" log entry appears of the corresponding (ssuccesfully) IDM user modification -> but that's it. Nothing else. Not other job log, no system log, nothing in the log of the java stack. Simply nothing. I don't know why the UME provisioning tasks are neither triggered nor ANY log entry appears. It's hard to continue analyzing when a system appears alike a black box and absolutely no informations are returned.

I also failed at several attempts to call these tasks directly/from manual created tasks.

These tasks "simply" do not react any more ..

Regards

Stefan

Former Member
‎09-06-2011 1:03 PM
0 Kudos

Correction.

Maybe found the "cause".

The CreateUMEuser task was in status "error". I set it to "disabled" first and hen to "enabled" (to set it directly to "enabled" did not work !?). Now it works.

Regards

Stefan

Ask a Question