cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Java Repository with ABAP UME Datasource

Go to solution
kkypris
Explorer

on ‎09-22-2016 10:07 AM

0 Kudos

Hello everyone,

I am trying to activate provisioning for a SAP Portal (java) system which has an ABAP system assigned as the UME datasource.

With ASJavaDB repository type, IdM tries to create the user, but the user already exists from the ABAP system. The following error is produced:

putNextEntry failed storingSPML.SAPUSER.

Exception from Add operation:com.sap.idm.ic.ToPassException: No such objectclass defined

Exception from Modify operation:com.sap.idm.ic.ToPassException: Unexpected error when processing modify request Unsupported ID found null

The ACCOUNT<JavaRepositoryname> attribute does not exist for the user, so no role assignment can be completed.

Does anyone know how to handle this scenario?

Thank you,

Konstantinos Kypris

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

kkypris
Explorer
‎09-23-2016 10:09 AM
0 Kudos

Hello Steffi and Lambert,

Thank you for your help.

We are on version 8.0 SP03 and I tried to setup a Dual Stack repository as it seemed like the easiest solution. Unfortunately there are no jobs for initial loading in the relevant package. I found a thread with the same issue . It seems the problem hasn't been solved by SAP.

I will try Steffi's suggestion or another idea that I had. I could create dummy ABAP roles which will then be assigned to portal roles through UME (they show up as portal User Groups). It is more effort but it will surely work.

Regards,

Konstantinos

Show replies
Show replies

Answers (2)

Answers (2)

lambert-giese
Active Participant
‎09-22-2016 10:33 AM
0 Kudos

Hi Konstantinos, hi Steffi,

using the ABAP connector with repository type "Dual Stack (AS ABAP and AS Java) System" instead of the AS Java connector would be another possible approach.


First execute the ABAP dual stack initial load, so the account attributes of all persons who already have an account in the system are populated in IDM. Then create new users as needed from IDM and assign Java or ABAP roles. The connector is smart enough to use RFC for the ABAP parts and SPML for the Java parts.


Some documentation about this repository type can be found here.

Show replies
Show replies
Steffi_Warnecke
Active Contributor
‎09-22-2016 10:20 AM
0 Kudos

Hello Konstantinos,

we don't use ABAP but LDAP as UME for our portal, so our base is kind of similar.

We just have a custom hook task for "create java user" and "delete java user" without any workflow behind it. This way IDM does not try to create anything in the portal backend and your get the account attribute to then provision privileges.

Regards,

Steffi.

Show replies
Show replies
Ask a Question