Hi Simona,
I use standart IDM task "Modify Role", in this task I add SAP privileges to role. As result user, who have been assigned this role, get the privilige PRIV:<SYSTEM>:ONLY. As result, system run standart Provisioning tasks and user are created in SAP ABAP system (after task "Create ABAP user").
Best regards,
Natalia.