My Oracle Support Banner

ER 30917887 Add additional conditions to rules / How To Stop A Revoked Role From Being Autoprovisioned Again (Doc ID 2641278.1)

Last updated on JULY 21, 2020

Applies to:

Identity Manager - Version 11.1.2.3.181009 and later
Information in this document applies to any platform.

Goal

Based on Rule membership condition user will get auto provisioning role and the user will be get corresponding accounts or entitlements.
Once the user get the auto provisioning role based on rule membership condition, after some point of time manager revoke the user role either through the Attestation process or De provisioning through the request process.

Once the Request Role Membership job runs or theres any update on the user attributes, the user gets the auto provisioning role again.  This is working as expected. For this scenario, the Customer would NOT like to have the same role that was already revoked, to be assigned again. 

In order to set rules that could help achieve the above, the ER is to implement additional options in the rules since it's limited to ANDs, ORs, and parens. 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.