MIM Portal: regular user access and unable to process your request


Getting the error „Unable to process your request“, is a common issue a lot of people are facing when accessing the FIM/MIM portal a regular user.

There are a lot of forums discussions and blog posts around that issue and how to solve it.

However, I think I found another reason why that issue can occur even if that will not be a common scenario for most people but still worth to write about it in my opinion.

The scenario where I face that “new” issue is like following:

  • Portal is designed for management of custom object types only be helpdesk people
  • Helpdesk people should not manage any of the default objects (users, groups)
  • Users have no need to see requests and there is nothing to approve

Therefore, I created multiple objects (Homepage, Navbar, Search Scope and other related objects) to give access to helpdesk people to my custom objects.

I also removed the usage keyword “BasicUI” from any of the default UI elements, so in fact people at this point should one the the “Home” link on the portal page.

However, I forgot to assign helpdesk people to the needed MPRs for permission of my UI elements for the custom object but I assume that they will still see the “Home” link on the portal page.

At this point users get the “Unable to process your request” error, when they are trying to access the portal. Sadly, I did not recognize that I forgot to give them permission to the UI elements and so I started to debug the issue.

Jorge wrote a complete article on how to solve that error and I tried of all them but nothing helps. After some hours I remember that I want users to see me custom object UI elements and assign the permission correctly and at that point access to portal was granted to regular users.

(2013-01-09) FIM Portal Access For Any Regular AD User Account – How To Enable And Troubleshoot

I checked it again by removing all UI element permissions from the user and the error came back.

So conclusion is that at least users need to have at least permission to read “ONE” UI element like Navbar or Homepage link to have access to the portal itself, the “Home” link only is not enough.

Keep that in mind when you modify your UI elements.

Advertisements

About Peter Stapf
Senior Consultant Identity and Access MVP (Enterprise Mobility)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: