Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/14/2024 10:49 PM - last edited on 04/15/2024 03:15 AM by Sunil
Usecase:
Tasks are being generated for the deleted enterprise role. After deleting the role, the role status changes to inactive. We went back to the technical rule and updated the deleted role in the object. Saviynt should automatically validate the condition of users specified in the technical rule, and once the technical rule conditions match, it should automatically identify the status of the role. The basic functionality of identifying the status of a role is not working, and when we check the same through the access request system page, we are not able to see the role when we are trying to check with the request access for enterprise roles option at the home page(this is working as expected behaviour).
In creating roles documentation we have seen this:
It says when role is in inactive state, role cannot be assigned. However we are able to select the inactive role in technical rule and tasks are getting generated. This inactive role shouldn't appear in the technical rule to be assigned.
[This post has been edited by a Moderator. We discourage the @ mention of other forum users or employees unless they have already involved themselves on the forum post.]
04/15/2024 08:43 AM
Hi @rambhan
We will validate this scenario and check if there is any issue here.
Can you please also check and confirm what happens to those tasks if you try to complete them? Do they add the user to those inactive roles as well?
Regards,
Dhruv Sharma
04/15/2024 07:28 PM
Workaround in advanced query check status of role
04/15/2024 07:52 AM
Hi @rambhan the entitlements associated with the deleted enterprise role, are they also made inactive? Or does the user still have the entitlements associated with the enterprise role?