on 06-12-2015 9:28 AM
Dear
I modify an entry (first name for example) in PA30 and I can see an entry is made in table: HRLDAP_PERNR
After that I am trying to do a delta run with the program:
RPLDAP_EXTRACT_IDM (delta option enabled!!!)
I am getting the following error: ( using program SPLDAP_DISPLAY_LOG_TABLES)
LDAP_CREATE failed
Entry already exists.
In the VDS I have configured the DB and enabled the additional parameter:
VALIDATE_MODIFY = TRUE
FIXVALIDFROM = TRUE
Kind regards
Lucas
I don't understand, I did a standard VDS setup and it's not working, is there any good documentation on how to setup HCM -> VDS -> IDM?
Is it possible there is a bug with IDM 8.0?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The scope is in most cases 2, if you have created the master identity store before the staging area.
In the developer studio (or identity center) you will find the number of the scope in the properties of your staging area. It should be the ID with a value like "2/HCM_Staging_Area" (I'm not sure for 8.0).
The above mentioned SQL statements show the scope under row IS_ID.
Under the IdM 7.2 documentation you will find the docu. This should be compatible to 8.0. You can also check, if the RDS package for IdM is usefull for your landscape. There is a Blog Post how to use RDS with IdM 8.0.
Regards,
Andi
Hi Lucas
sometimes the error messages on ABAP are confusing. You can check the operation log within VDS and hopefully get some more informations.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
VDS Error:
Can not add entry to MIC:java.lang.Exception: Could not get or create CB1CLNT800 00100096 node: ERROR:Entry already exists)
That message is correct, the entry already exists. But I don't want to create it, I want to update it (delta). With this particular record I changed the first and last name in PA30.
Kind regards
Lucas
How HR LDAP Export works:
1. HR makes an LDAP SEARCH for the object in VDS
2. if VDS returns a result, HR makes a MODIFY on the object
if not HR makes an ADD operation
You can check this in the audit log in your VDS. If in your case HR only makes one ADD operation and throws the error, most probably you have in your HR_EXPORT Report the option "optimized for LDAP initial load" selected, i.e. the report only makes an ADD operation.
Another reason can be that the SEARCH operation failed, so the HR report decides to create the object. The result for the SEARCH operation you find in the audit log.
Regards,
Andreas
Hi Lucas,
you found the personnel number in the table HRLDAP_PERNR. So the needed BAdI is activated.
Here is some information:
Dear Andreas
Thanks !
UserName:hruser_|_ClientIP:10.32.22.127_|_UserGroup:Authenticated_|_StartingPoint:o=idstore_|_OperationType:SEARCH_|_OperationSubType:sub_|_Filter:(&(OBJECTCLASS=sapIdentity)(CN=CB1CLNT800 00100096))_|_RequestedAttributes:objectclass_|_ReturnedEntries:0_|_Fetched from cache: false_|_ResultCode:0_|_ResultMessage:(Identity Store 7.2 1700:0:OK)_|_Operation duration (ms):11_|_System load (engines):1
It's the second reason, my SEARCH isn't returning any value.
Do you have any idea what could be causing this? If I use the LDAP browser within VDS I can see the actual record showing up...
Kr,
Lucas
first try the same SEARCH operation with your LDAP Browser (you can do this more comfortable with a Tool like LDAPBrowser or even with transaction LDAP in your HR System):(&(OBJECTCLASS=sapIdentity)(CN=CB1CLNT800 00100096))
Try this statement on your DB server:
SELECT * FROM idmv_value_basic where attrname='MSKEYVALUE' and searchvalue='CB1CLNT800 00100096'
If you dont get a result, try this (in this case a conversion happened while the object is created but not on a SEARCH operation):
SELECT * FROM idmv_value_basic where attrname='MSKEYVALUE' and searchvalue like ='%00100096%'
Check the config of the staging area Data source in VDS. It should look like:
Check on the VDS root node, if there are Pre- or Post- processing methods for the SEARCH operation are selected but not for the ADD operation or vice versa.
Regards,
Andi
In VDS Config do the following:
Now, you hopefully get some more information about the failure of the search result. For sure you get the translation to the according SQL statement.
Regards,
Andi
Hi Lucas,
maybe you have the "Optimize for LDAP Initial Run" flag in RPLDAP_EXTRACT_IDM set, although this is not your initial run?
Best regards,
Lambert
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
80 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.