and more in a single search tool across platforms. Read the announcement here. |
04/12/2022 12:59 PM
I'm having some issues getting Entitlement Mapping to work reliably. We use active directory groups to designate group membership in another endpoint. I've set up a few of the active directory groups in our dev environment to have an entitlement mapping to the corresponding group in this other endpoint. This has been setup to create add/remove tasks as well.
When I first set it up, the user in AD_Group1 was granted an account and Group1 in the second endpoint. I then tried removing the user from this AD_Group1, but no revoke access request was ever generated in the second endpoint. They are still a member of Group1 there. I then setup a AD_Group2 to map to Group2 in the second endpoint. I added the user to the AD group, but they have not been added to Group2 in the second endpoint.
What kind of events trigger this entitlement mapping to create add or remove requests? I tried to run a detective rule when the user updates to re-run the provisioning rules and update account tasks in both endpoints. I've also tried importing accounts/access from AD, and see the user is in AD_Group2 but they don't get the Group2 in the second endpoint. So far nothing has triggered this to happen.
Solved! Go to Solution.
04/12/2022 02:06 PM
Hi Adam,
Greetings!!
Could you please help us with below information:
1) Version of SSM.
2) Are you talking about Entitlement Map (Admin > Entitlements > (Select any entitlement) > Other entitlement details > Entitlement Map) ?
Thanks & Regards,
Anand Kumar Jha
04/12/2022 02:06 PM
1) version 5.4.1
2) Yes that is the one I am trying to get setup.
04/12/2022 02:06 PM
Hi Adam,
Please let us know, are you getting the problem in setting up the entitlement map or after setting entitlement tasks are not generated?
Thanks
Ajay
04/12/2022 02:06 PM
No entitlement tasks are being generated.