cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Changing Priv System name

Former Member

on ‎11-04-2014 10:24 AM

0 Kudos

Hi,

I am trying to connect my IdM 7.2 SP8 to an Active directoryD, I made a mistake when creating and doing initial load, So my AD connector name is Z_AD but in the connector's properties I put : PRIV:SYSTEM_ZADS so I am talking about the 2 systems privilieges:

priv:$repName:only  and priv:system:$repName          -->      priv:Z_AD:only and priv:system:ZADS    

By sql query I can see:  the both priv system.

What the best and secure method to make this change name?

Thanks,

Nina

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

terovirta
Active Contributor
‎11-04-2014 10:47 AM
0 Kudos

Hello,

easiest would be deleting the privilege and recreating it again with Initial Load (all the extra passes disabled).

regards, Tero

Show replies
Show replies
Former Member
‎11-04-2014 10:58 AM
0 Kudos

Hi Tero,

I will try this, but what would happen if the these privileges were already assigned to users?

Thanks,

Nina

terovirta
Active Contributor
‎11-04-2014 12:23 PM
0 Kudos

Okay, if there are assignments it might be easier to change the mskeyvalue with uis_setValue-function.

You need a small provisioning task that has toGeneric-pass, create an entry script that calls the uis_setValue for the given mskey, something like this:

regards, Tero

Former Member
‎11-07-2014 10:41 AM
0 Kudos

Hi Tero,

I will implement this and keep you updated,

Regards,

Nina

terovirta
Active Contributor
‎11-07-2014 12:04 PM
0 Kudos

Nina,

there's even an easier way; just locate the privilege in MMC / Your Id Store / Metadata / Privileges and change the name there:

(Had a "blonde moment" and I didn't remember this as I've usually have had the requirement to change the MSKEYVALUE in IdM UI/in config.)

regards, Tero

Former Member
‎11-07-2014 2:19 PM
0 Kudos

Hi Tero,

I see this, but if I change for example: PRIV:SYSTEM:ZADS(wrong one)    to   PRIV:SYSTEM:Z_AD (correct one), what should I take in account (any prerequisites(modification strategy?)

Because currently, users are assigned the wrong one: PRIV:SYSTEM:ZADS

Nina

Ask a Question