cancel
Showing results for 
Search instead for 
Did you mean: 

Users are not getting deleted

Ckumar
Contributor
0 Kudos

Hi experts,

I am using SAP IDM 7.2

We have two views

  1. Idmv_vallink_basic: This view contains all the users(both enabled and Disabled) in IDM.
  2. Idmv_vallink_basic_active: This view contains only the enabled users.

User XYZ whose MSKEY is 12345 exist in  Idmv_vallink_basic but doesn't exist in Idmv_vallink_basic_active.

when i tried to delete one user(XYZ) from the UI, then i got the following error.

and after that when i checked that user in IDM, i found that user XYZ complete data(Dispalyname, CN, Person ID etc. including all rolesa and privileges) has been removed from the IDM except the User ID.

when we delete any user from UI, it calls the Delet user task.

Delet user task contains two passes.

  • the first one is remove privileges: here we removes all the privileges associated with the particular user.

the source of this pass is

while Script and destination configuration is

  • Second pass is Delet User, whose source and script is same as above but destination configuration is

    

Could you please tell me why i am getting such error.(User's data are getting deleted but user ID is not) and how to fix this issue.

Thanks in Advance,

Regards,

C Kumar

Accepted Solutions (0)

Answers (3)

Answers (3)

terovirta
Active Contributor
0 Kudos

C Kumar wrote:

when i tried to delete one user(XYZ) from the UI, then i got the following error.

That looks like pending value rather than person entry as it has the MX_ENTRY_REFERENCE-attribute.

Which pass gives you the error? Taking away the access or deleting the user? Or something in SAP Provisioning Framework?

Personally I think it's best to inactivate the user, setting mx_inactive=1, deprovisions user and hides it in IdM.

Also, depending on what 7.2 Sp-level you're working you don't need to remove first the roles/privileges to delete the user. (not sure but I am thinking with Sp6 and newer you can just delete the user)

regards, Tero

Former Member
0 Kudos

Hi

Usually you should not go for deletion of users as it's not standard process. If you want to as already suggested by simona you can use the database pass and delete the MSKEY.

Regards,

Deepanshu Sharma    

Former Member
0 Kudos

Hi Kumar,

If you are able to fined the user in Idmv_vallink_basic and not in Idmv_vallink_basic_active, the user shoould be terminated. If you are trying to delete the user for IdM as a record, you should use a database pass and delete the mskey. But deleting the user's mastar data is not supported from IDM UI and this is not a standard procedure, as once terminated user's master record stays in IdM(user's master data in not deleted).

BR,

Simona