The issues reported from various field units pertaining to inability to log in to PoS application in connection with:
1) After resetting of password in IDAM portal
2) After facility transfer / permanent transfer operation in SAP application.
Checks to be performed by the Field users and RDA while performing Password reset in IDAM portal and Facility Transfer Operation in SAP application
The Field users / Divisional Administrators should check the following points before performing a Password reset operation in IDAM portal and Facility transfer operation in SAP application.
1) Check whether the user is enabled in the IDAM portal. For the Permanent Transfer/ FacilityTransfer/ Password Reset Operations in SAP/ IDAM portal to be effective, the user should be enabled in the IDAM portal.The user gets disabled due to the following:
a) Password Policy: Account disabled due to inactivity.
The end user will be disabled in the web portal (IDAM, SAPEP, and Service Desk) and consequently in the POS and SAP application if the user had not logged for more than 90 days in any of the above web portals.
The resolution is that the end user must make sure that they log into any of the web portal once in 90 days. If they try to login after 90 days, an error message like "Account disabled due to inactivity" will be shown after the login page in IDAM portal. The end user should inform the RDA about the same.
The RDA should first enable the end user in the "Enable User Tab "in their IDAM login. Post Enable operation, the RDA can reset the password of end user.
Otherwise, the task will get failed. This applies to all other operations like POS assignment, SAP assignment, and SAP Permanent Transfer/ Facility Transfer
operations.
b) Password Policy: Account disabled due to the login attempts.
The user will be disabled in web portal (IDAM, SAPEP, and Service Desk) after 5 failed in attempts in any of the above web portal.
An error message like "You cannot access your account because you have exceeded the limit of login attempts" will be displayed after 5 failed in attempts.
The users who are disabled like this will be enabled automatically by the system in 30 minutes.
An error message like "You cannot access your account because you have exceeded the limit of login attempts" will be displayed after 5 failed in attempts.
The users who are disabled like this will be enabled automatically by the system in 30 minutes.
Alternatively, the field user can inform RDA about the same and RDA
can enable the user in the IDAM portal. Post Enable operation,
all other operations like POS assignment, SAP assignment, and SAP Permanent Transfer/ Facility Transfer, password reset (if needed) can be performed on the user. Otherwise, the task will get failed.
can enable the user in the IDAM portal. Post Enable operation,
all other operations like POS assignment, SAP assignment, and SAP Permanent Transfer/ Facility Transfer, password reset (if needed) can be performed on the user. Otherwise, the task will get failed.
The screenshot of error message is as below.
c) Account disabled due to Suspension or Retirement.
The Divisional administrator can disable the user in SAP application / IDAM portal based on the necessity like suspension, retirement etc.
Any user who is disabled like this can be enabled (if needed) by the concerned divisional administrator by raising a service desk ticket Post Enable operation, all other operations like POS assignment, SAP assignment, and SAP FT and PT operations, Password reset (if needed) can be performed on the user. Otherwise, the task will get failed.
2) The Tcode ZHR PUSHTOIAM in SAP application should be executed only after performing permanent transfer operation in SAP application. This Tcode should not be executed after Facility Transfer operation in SAP application, because it will make permanent facility ID effective in POS and the user will not be able to login in POS application if the permanent and temporary facility ID are different.
3) The RDA should ensure that necessary POS roles are assigned to the end user in IDAM portal. If no POS roles are assigned to the end user, the user will not be able to login in the POS application.
c) Account disabled due to Suspension or Retirement.
The Divisional administrator can disable the user in SAP application / IDAM portal based on the necessity like suspension, retirement etc.
Any user who is disabled like this can be enabled (if needed) by the concerned divisional administrator by raising a service desk ticket Post Enable operation, all other operations like POS assignment, SAP assignment, and SAP FT and PT operations, Password reset (if needed) can be performed on the user. Otherwise, the task will get failed.
2) The Tcode ZHR PUSHTOIAM in SAP application should be executed only after performing permanent transfer operation in SAP application. This Tcode should not be executed after Facility Transfer operation in SAP application, because it will make permanent facility ID effective in POS and the user will not be able to login in POS application if the permanent and temporary facility ID are different.
3) The RDA should ensure that necessary POS roles are assigned to the end user in IDAM portal. If no POS roles are assigned to the end user, the user will not be able to login in the POS application.
0 Comments