ER 30917887 Add additional conditions to rules / How To Stop A Revoked Role From Being Autoprovisioned Again
(Doc ID 2641278.1)
Last updated on JULY 21, 2020
Applies to:Identity Manager - Version 184.108.40.206.181009 and later
Information in this document applies to any platform.
Based on Rule membership condition user will get auto provisioning role and the user will be get corresponding accounts or entitlements.
Once the user get the auto provisioning role based on rule membership condition, after some point of time manager revoke the user role either through the Attestation process or De provisioning through the request process.
Once the Request Role Membership job runs or theres any update on the user attributes, the user gets the auto provisioning role again. This is working as expected. For this scenario, the Customer would NOT like to have the same role that was already revoked, to be assigned again.
In order to set rules that could help achieve the above, the ER is to implement additional options in the rules since it's limited to ANDs, ORs, and parens.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document