cancel
Showing results for 
Search instead for 
Did you mean: 

MX_PRIV* privileges missing in Identity Store

Former Member
0 Kudos

Hello community,

I am installing a SAP NetWeaver Identity Management and I having trouble in the final step of "Identity Center

Installing and configuring the Identity Management User Interface" guide.

The point is that when I call "Assign privilege" tab in order to make another tabs available for the user Administrator, and the I press "search", I get the following:

So this means that I have no privileges in Identity Center as showed in the screenshot below:

I've checked all the available guides (I think so) and I am unable to find any reference to those privileges. It seems I've missed some configuration step that belongs to an unknown guide for me.

My question is, may I to create those privileges? Otherwise there is another way to load from any source into Identity Store?

Could anybody help me, please?

Many thanks in advance

LM

Accepted Solutions (1)

Accepted Solutions (1)

bxiv
Active Contributor
0 Kudos

I believe those are provided by the sql scripts that come with the Identity Center...and to note you are looking in the wrong spot for your MX items, privileges are populated from your remote systems, jump up to "Entry types" & "Attributes" and you will see MX entries.

When you added administrator to the MX_Person store for Enterprise People did you also check the two boxes for manager/administrator privileges?

You may also need to review the SQL side manually to review what you have assigned to your administrator account.

Steffi_Warnecke
Active Contributor
0 Kudos

Billy Warring wrote:

and to note you are looking in the wrong spot for your MX items, privileges are populated from your remote systems, jump up to "Entry types" & "Attributes" and you will see MX entries.

I think Luis is looking for the IdM privileges. You'll find them in the location the screenshot shows and they start with MX_PRIV. E.g. MX_PRIV:WD:TAB_TODO

Regards,
Steffi.

bxiv
Active Contributor
0 Kudos

Ah SNAP, my sandbox system glitched on me thank you for the correct @Steffi, shutting down the MMC and re-launching it now shows them there...one more reason I hate Windows!

Steffi_Warnecke
Active Contributor
0 Kudos

Ah, the love for Windows...

@Luis: I looked through some documentation, too and could only find the explanation of the privileges in the Security Guide (5.1.3 Providing Specific Access (Identity Management Privileges)).

I would think these privileges should have been created when installing the Identity Center or at least the User Interface. But since I never had the fortune of seeing an IdM installed from start to finish (only updates and upgrades and more up's), I can only guess.

But it looks like you can just create them manually like any other privilege:

Regards,

Steffi.

bxiv
Active Contributor
0 Kudos

I believe the SQL table can be leveraged also, I show the first 13 rows having the MX_PRIV IDM privs (MS SQL):

dbo.mxi_entry

dbo.MXI_Attributes

When I look at a manual comparison they look to be the same.

I also reviewed the DBA scripts under the ICDESIGNTIME folder and in the SQL-Server folder it looks like '5D-create-procs.sql' is the file that when imported will create the MX_PRIV: items.  Also looked at the Oracle scripts and its named the same.

Former Member
0 Kudos

Hi Billy,

I've just found new scripts like the one you have mentioned. These scripts belongs to the ICDESIGNTIME SP8.

I've run a mxmc-update and the objects are now visible. I thought I did it yet, by the way.

Thank you, the issue is solved,

Cheers,

LM

Former Member
0 Kudos

Hello Steffi,

Thank you for sharing the Security Guide.

Cheers,

LM

bxiv
Active Contributor
0 Kudos

Thanks for letting us know the issue was resolved! 

Steffi_Warnecke
Active Contributor
0 Kudos

You're welcome! 🙂

Answers (0)