on 09-04-2013 8:42 AM
Hi,
my customer is on Idm 7.2 SP7 and Oracle.
We have the problem that after each transport the Self Services stop working. Users get an "Access Denied" when they launch the self service link in the browser. The problem is easily fixed: You double click the corresponding line on the access control tab of the task and click "ok" on the dialog that pops up. Problem is that we don't want to do this every time we transport.
I remember I was having the same problem already in SP6 with another customer.
Does somebody else face the issue as well?
Thx
Kai
Hello Kai,
I noticed another customer got the same issue, that is after transport, the access control of self-service task got this problem, and it can be fixed by just modify and apply the access control rule again.
In table mxp_taskaccess, you may find these self tasks have targetmskey=null, while this should be 0. This issue is known to IDM DEV now, and should be fixed in 7.2 SP9.
BR, Keith
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Girish,
As Keith said, simply reassigning the access controls for self-service on the respective task will fix the issue.
If you want to do it through table MXP_TaskAccess, following is the way.
1. Get the Task ID of the self-service task.
.
2. Login to the Identity center database with user mxmc_admin and corresponding password.
3. Execute the following select query with the self-service taskid ( task id from step 1).
select * from MXP_TaskAccess with(nolock) where TaskId=<yourtaskid>
4. Check the value of the column TargetMskey for the self-service task.
The value should be '0'. If you find the value is NULL, update the value to 0.
6. UPDATE MXP_TaskAccess SET targetmskey=0 WHERE TaskId=<yourtaskid>
All the best !!
~ Krishna.
Hi Girish,
This issue happened after transport, for self service web tasks. You can fix it by just modifying the access control rule and applying it again in IDM management console, like Kai described above.
From table mxp_taskaccess, normally following combination indicates a self service task:
Membertype=1, mskey=0, targetmembertype=101, targetmskey=0
When this issue happened after transport, you may find targetmskey=null there.
Hope it helps for you.
BR, Keith
Hi Girish,
Did you apply modify the ACL rules on the self service task? usually if you modify the ACL, it should work.
As Keith mentioned in the below post, can you verify the columns for the selfservice task in MXP_TASKACCESS table as below.
Membertype=1, mskey=0, targetmembertype=101, targetmskey=0
If the columns are as above, but still not able to see the task in IDM UI,
can you pls post a screen shot of the ACL for that particular task.
Can you also confirm the version and patch level of your system.
~ Krishna.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.