Idea Details

Identity Manager to handle down SAP endpoints

Last activity 07-25-2017 10:22 AM
Angelina Watson's profile image
03-30-2016 06:47 PM

  • Answer
    -  IM does not have the intended use for IM to handle endpoints that are down
    for extended periods.  
  • IM needs to be able to communicate with its endpoint systems, if one or two comes
    down for an emergency and are brought back up or there's a scheduled outage
    that's one thing, but in some customer instances,   you have SAP endpoints that are down
    for months         and users who are being
    provisioned who have accounts on those endpoints that are down , so IM keeps
    trying to reach out to these systems and the systems are unavailable which is
    not an intended use of IM or the way IM is designed today.


07-25-2017 10:21 AM

CA Identity Suite 14.1 is now available and contains an enhancement that identifies offline endpoints and handles them. please refer to the release notes for more information.

07-11-2016 05:23 PM

The product team is now targeting this capability for the next release.

04-05-2016 02:04 PM

I had the same issue, here what I did:

Created a supporting DB that hold all endpoint information except for username and password.

Load the DB with all current endpoints information

Create 2 supporting tasks:

Enable SAP Endpoint

Disable SAP endpoint

On both Disable and Enable I update the DB with the current Endpoint status and show the list of endpoint according to status (Enable can be done only on disabled endpoints)

behind the scenes I delete or re-create an endpoint + using a script to run a etautil command to E&C the newly created endpoint.

Gave access to the SAP team to enable & disable their endpoints.


I do think it can be a nice enhancement to have a flag for per endpoint to be able to enable\disable sync with the option to re-sync accounts on re-enable. Or Enable auto re-sync on failure with schedule \ number of tries.