cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to make URL for anonymous task?

Go to solution
Former Member

on ‎11-28-2013 3:33 AM

0 Kudos

Hi All,

I want to implement Unlock account feature as a anonymous task and I want to provide a seperate URL to users. So that user can access that URL and unlock themselve without taking help from help desk. I have developed a ordered task for this with access control anonymous. But I am unable to generate the URL of that task, so that user can directly type the URL and unlock themselves. Logon for Unlock user will not work by default.

Please share if you know the trick to create a URL of a anonymous task.

Thanks,

Dhiman Paul.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎11-28-2013 6:05 AM
0 Kudos

Hi Dhiman,

Can you please rethink your approach. The reason is, Say you have created a UI task with MX_PERSON as entry type and a field which accepts the MSKEYVALUE as input.

Since you want to use this task as an anonymous task, so this UI task will be accessed directly as mentioned by Keith.

But, since the task expects MSKEYVALUE, but the user access it without logging in, It may throw error.

In case if it works positively, remember that the input MSKEYVALUE provided should be validated to check whether the input given  MSKEYVALUE exists or not before proceeding ahead. You can use the extension framework for this.

If you are able to achieve it in any other simple manner. please do keep us posted on how achieved it. I am also planning for such feature in my environment.

All the best !!

~ Krishna

Show replies
Show replies

Answers (4)

Answers (4)

Former Member
‎11-29-2013 11:46 AM
0 Kudos

Hi Krishna and Keith,

Many thanks to both of you for your thoughs and suggestions.

I have decided and implemented Unlock as Selfservice to service desk (Tire 3 support) and Self service to user to unlock himself in AD. We have not yet integrated AD with AS JAVA, it means if users gets locked in AS JAVA he may not be locked in AD and opposit. THis solution is working fine. When user is lock at AD and AS JAVA both then he will give a call to Service desk and then T3 guys will unlock from by choosing the unlock task displayed under manage tab.

But I to not want to add those T3 users directly in Accesss control tab of my Unlock task. I want a role to be created for them where T3 guys will be the member and able to see the Unlock task under Manage tab. I am not able to under stand how i can choose a role under access control. Do I need to write sql for that ? can you tell me what sql I need to place under access control tab so that on ly users under a specific role can see that unlock task.

Thanks,

Dhiman Paul.

Show replies
Show replies
Former Member
‎11-29-2013 3:41 PM
0 Kudos

HI Dhiman,

For making a task available for users who have a specific role, please following steps.

1. Create a role which you want to assigen to the T3 users, say "Unllockaccount_T3".

2. In the Management Console, Navigate to the task and access control tab.

3. Click on Add.

4. For the field "Allow access for" Select "Logged in user or identity store entry"

5. For the filed 'ID store" select the appropriate ID store.

6. For the filed "Name" click and type the name "Unlockaccount_T3" and click on the "check names" button, which in turn opens a new dialog and form wehre the role can be selected.

7. Click ok.

Now, the role "Unlockaccount_T3" has been added under access control tab. Which means, that all the users who will have access to the role "Unlockaccount_T3" will be able to access this task under manage tab.

All the best !!

~ Krishna.

Former Member
‎11-28-2013 10:52 AM
0 Kudos

Hi Keith,

Thanks for your reply. Basically I want a URL of my task which can be accessed by the user without login to unlock himself. The page will display security questions and answers. Onsubmit of that page I an executing a task to unlock the user in AD. I want this task to be accessed by the user without login. As Password reset out of the box provides a URL which does not require to login and access.

Thanks,

Dhiman Paul.

Show replies
Show replies
Former Member
‎11-28-2013 11:51 AM
0 Kudos

Hi Dhiman,

If I understood your scenario correct, you need something similar to Password reset task. But in your case it should unlock the user's account.

As of now, I don't think its possible with the standard UI tasks and the configuration for this scenario is also not possible.

If you really want this feature, then as Keith confirmed you have to develop on your own using REST APIs.

All the best.

~ Krishna.

keith_zhang
Active Participant
‎11-29-2013 9:26 AM
0 Kudos

Hello Dhiman,

I guess most of the times such lock should be due to incorrect password lock? Then maybe, besides unlock the user, it would also be helpful to reset their password at the same time? I am not quite sure about your real situation, but if password reset should also be done, maybe you can still use the password reset task. Then in the relevant plugin task, besides changing the password attribute, also try to adjust the relevant lock attribute.

I didnot test/tried such thing before, but hope it could help you some...

Besides, there is also a new function for password reset, the logon help(password reset task is also requied here):

http://help.sap.com/saphelp_nwidmic_72/helpdata/en/0d/71c8bb0f744c308c7b5e91657ddcbf/frameset.htm

BR, Keith

Former Member
‎11-29-2013 10:51 AM
0 Kudos

Hi Keith,

Appreciate your out of box thinking !!

But here still the name of the task will be password reset. Of course the purpose is served to identify the user using security questions and allowed to do what ever we want under the ordered task, still the problem is the name of the task is password reset !! ( Assuming you are not using password reset task in your IDM task) which no businnes would allow to unlock with task name as password reset.

And anyways  you have to use standard password reset task (guided task) for this unlock feature, IDM will not understand which is the actual password reset task. ( if you are already using standard password reset task in your landscape)

Clearly  business won't allow for such confusion !!

Hope I make sense !! May be we can raise a request in the thought place for this to SAP to allow customization of anonymous self service tasks.

Happy Weekend !!

~ Krishna.

keith_zhang
Active Participant
‎12-02-2013 1:02 AM
0 Kudos

Hello Krishna,

Thanks for pointing this out. My initial thought was if unlock and password reset could possibly be combined together since maybe it is mostly wrong pwd lock... while anyway, great that Dhiman already got a way to figure it out

BR, Keith

Former Member
‎11-28-2013 7:46 AM
0 Kudos

Hi All,

There are two issues:

1. If the task is not MX_PERSION type then URL is not working. It is throwing 500 error.

2. If the task is MX_PERSION type then page is appearing but without attributes. Please refer attached screenshot.

Thanks,

Dhiman Paul.

Show replies
Show replies
Former Member
‎11-28-2013 8:19 AM
0 Kudos

Hi Dhiman,

Yes I was telling about this exactly in my previous reply. Earlier,  I tried the same way and failed to achieve this .

I presume, at this point in order to make a task accessible to anonymous users is not possible except for the password rest task.

I think, we can build some custom screen using Rest APIs.

Keith, can you confirm this. Is there any other way we can do this ?

~Krishna.

keith_zhang
Active Participant
‎11-28-2013 10:06 AM
0 Kudos

Hello Dhiman and Krishna,

I just checked the documents and tested this, I am afraid the anonymous access now should only be available for create task(option 'this task creates a new entry'), and it should not be relevant to the entry type you selected.

For using the REST API, I think it should work while it also requires to develop the relevant UI as you know. So do you want to unlock the user of the AS Java where IDM web UI is deployed? The user is locked due to incorrect password? If it is due to the wrong password, can they use the paswword reset task directly?

BR, Keith

keith_zhang
Active Participant
‎11-28-2013 5:39 AM
0 Kudos

Hello Dhiman,

Access to anonymous tasks:

http://<server>:<port>/webdynpro/dispatcher/sap.com/tc~idm~wd~workflow/AnonymousService

Direct task access:
http://<server>:<port>/webdynpro/dispatcher/sap.com/tc~idm~wd~workflow/AnonymousEditTask?TaskId=<Tas...>

Hope it helps.

BR, Keith

Show replies
Show replies
Ask a Question