cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Need only 'Manage' tab while rest be invisible

Go to solution
Former Member

on ‎12-16-2014 1:16 PM

0 Kudos

Hi,


I'm new to IDM config and currently struggling with a requirement where a user needs to view only Manage and self service tab in the IDM UI and later on this view shall be linked to another portal.

Thanks

Rimesh

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

jaisuryan
Active Contributor
‎12-16-2014 1:30 PM
0 Kudos

Hi Rimesh,

These requirements are very well documented in standard UI config guide below (need S-user id).

https://websmp209.sap-ag.de/~sapidb/011000358700001233082010E

You can find all relevant IDM docs here,

Kind regards,

Jaisuryan

Show replies
Show replies
Former Member
‎12-17-2014 4:49 AM
0 Kudos

Thanks ... But here we are in post-dev phase and already make use of all default tabs , current requirement is just for a set of users who want to browse directly to 'Manage' tab in IDM by a URL or if it can be mounted to an iview ... Please suggest.

jaisuryan
Active Contributor
‎12-17-2014 5:26 AM
0 Kudos

Hi Rimesh,

So how are you currently giving access to UI for your project users?

If you want to give access only to manage tab, then you need to assign only MX_PRIV:WD:TAB_MANAGE privilege to the user. To achieve this, two common ways are,


  1. IDM MMC job/task.
  2. IDM UI task.

Both above scenarios are explained in many other posts in the community and documented in the config guides.

Please try above said options and let us know if you are struck. Just to re-iterate what Matt said above, attending formal training is recommended.

Kind regards,

Jaisuryan

Former Member
‎12-17-2014 12:48 PM
0 Kudos

Hi Jaisuryan,

Thanks but this I am aware of. Can we do anything at portal level since the role we currently have at hand gives access to all the tabs so would like to know about any workaround besides creating a new role from start?

Regards

Rimesh

jaisuryan
Active Contributor
‎12-17-2014 1:37 PM
0 Kudos

Hi Rimesh,

From top of my head, I can say,

Thru portal UME, you can only authenticate users to IDM UI via "idm_authenticated" action and IDM Admin UI via "idm_monitoring_support/s idm_monitoring_administration" action. But what (Tabs) to display within that UIs is controlled by IDM privileges. If you do not have any role with only "MX_PRIV:WD:TAB_MANAGE" priv, then you can directly assign it to the user. Else I'm afraid you have to create a separate role for it.

Experts, please correct me if I am wrong. Cheers.

Kind regards,

Jaisuryan

former_member2987
Active Contributor
‎12-17-2014 7:08 PM
0 Kudos

Hi Jai,

You have it right.  IDM tabs are controlled through IDM, even if it's in Portal.

The SCA files give the basic screens and access to the WebDynPro UIs, after that, it's all IDM.

Rimesh, if you want something custom beyond that, you'll need to create your own UI5 interface.

Matt

Former Member
‎12-18-2014 4:15 AM
0 Kudos

Thank you Jaisuryan, so role creation is the only way out ...

former_member2987
Active Contributor
‎12-18-2014 6:25 PM
0 Kudos

Rimesh,

If this answer is correct, please mark it so (along with any helpful answers) so we can keep the system up to date.

Thanks,

Matt

Answers (1)

Answers (1)

Steffi_Warnecke
Active Contributor
‎12-16-2014 1:28 PM
0 Kudos

Hello Rimesh,

I can tell you, that the requirement is pretty easy to achieve and if you check the IDM documentation that is available from the startpage of this space, you'll find the "Security Guide". There it is explained, which IDM-own privilege is responsible for which tab.

If you want to dive into IDM and its administration/configuration, searching and reading will become your best friends, if they aren't that already.

Regards,

Steffi.

Show replies
Show replies
former_member2987
Active Contributor
‎12-16-2014 4:13 PM
0 Kudos

I'd also add that attending Training is pretty important as well.

IDM is not like other modules in it's architecture, implementation or design.  Attending formal training is a HUGE benefit.

Matt

Former Member
‎12-17-2014 4:49 AM
0 Kudos

Hi Steffi and Matt,

Thanks ... But here we are in post-dev phase and already make use of all default tabs , current requirement is just for a set of users who want to browse directly to 'Manage' tab in IDM by a URL or if it can be mounted to an iview ... Please suggest.

Rimesh

former_member2987
Active Contributor
‎12-17-2014 2:20 PM
0 Kudos

Rimesh,

Always happy to answer questions, but long term, you'll need to consider what Steffi, Jai, and I have mentioned.

As Jai mentioned, use of the MX_PRIV:WD:TAB_MANAGE privilege will give you the access you want.  You might want to consider creating IDM roles (consider this as IDM specific composite roles)  You will definitely want to research this further as you consider how your IDM implementation is to mature.

Regards,

Matt

Former Member
‎12-18-2014 4:29 AM
0 Kudos

Thanks Matt for the valuable suggestion ...

Ask a Question