We had a requirement that once user request a application after submitting it they the task will be generated. Once we run the provisioning job the task gets complete the application will be assigned to him. Here after we need to give him the AD access.
Once the application assigned to the user automatically the AD access need to be given.
I tried to use technical rule but its depand on user attribute side the rule will trigger
So how can we achive this issue, please let me know anyone is aware of this one
Ensure the action must be defined in the technical rule to create the account for the AD endpoint and assign the group. If this is not done, no tasks will be generated for the user.
Both the account creation and group addition actions should be kept, as shown in the screenshot below.
You may want to use Entitlement Map. For the requested application entitlements, map the AD groups in the entitlement map. After approval, when the tasks are created for the requested application entitlement, the tasks for AD groups would also be created and provisioned.
If you want to explicitly create tasks for AD groups after the tasks for the request application entitlements are completed, then you may use actionable analytics which would trigger add access for the AD groups. In the SQL query in analytics, you would determine any requests which were completed and tasks completed, you can trigger AD groups provisioning for such records.
Could you please share a screenshot of the Entitlement Map? Also, please make sure that the Request-Option for the AD Group entitlement type is set to something other than None (e.g., None(Create Task), Table, etc.)