cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Provisioning of SAP EP custom attribute

Former Member

on ‎04-18-2012 11:28 AM

0 Kudos

Hello,

In order to manage SSO with SPNEGO, we created a custom attribute in SAP EP and want to use SAP IDM to provision it.

I created a custom attribute in IDM, linked it to MX_PERSON but am still facing 2 issues to make it work:

  • - The first and most important one is that my SAP EP custom attribute is not recognized. I tried with the Attribute name, <namespace>:<attribute> and ume.admin.addattrs with no success. In order to verify if the issue was on IDM attribute, I tried to use my custom IDM attribute to provision an EP standard fiel with success. Did you already faced this issue? Do you know what I should specify in the destination tab of my pass
  • - Other issue is that the attribute is provisioned in case of user creation or when it is performed with another modification but when I only modify this field it does not start anything. Is there a specific script I should modify?

Thank you very much for your precious help.

Very best regards,
Estelle

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎04-18-2012 2:16 PM
0 Kudos

It's been a while since I created a custom attribute on portal and provisioned to it, but I remember <namespace>:<attribute> being the syntax to write to it.  Make sure your IdM user has the authority to write to it.  Not sure why that's not working for you.

As far as your 2nd question goes, it depends what version your're running.  In IdM 7.2 this is controlled by the system privileges (PRIV:SYSTEM*).  Check on      MX_PRIV_MODIFY_POLICY in help.  That might lead you to the right answer.

Show replies
Show replies
Former Member
‎04-18-2012 3:33 PM
0 Kudos

Hello,

Thank you. I solved the first part of the issue but the second one remains.

I am working with SAP IDM 7.2.

Indeed my MX_PRIV_MODIFY_POLICY is set to 0 but it still does not work.

Do you have any clue on what could be the blocking problem?

Thank you in advance for your help.

Best regards,
Estelle

Former Member
‎04-19-2012 4:00 PM
0 Kudos

In the Identity Center MMC -> Go to your ID Store -> Go to Schema -> Privileges -> Filter on "PRIV:SYSTEM -> on each system privilege go to the Tasks tab -> on the tasks tab you will see all the attributes that will trigger a modify action.  They have a checkbox next to them.

If a user has this given system privilege, a modify the users given attribute will trigger a modify if the box is checked.

Hope that clears things up.

Ask a Question