Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Assigning enterprise roles from technical rule

parthaghosh
New Contributor III
New Contributor III

Hello everyone,

We need to assign Enterprise roles from Technical rules. Technical rules are detective and run by a detective job.

but the Enterprise role is not getting assigned, after the rule run.

Ent roles have entitlements assigned. If I directly request the ent roles, its creating tasks for adding the entitlements and after the entitlement provision, the role is assigned.

but, unfortunately , from technical role, the tasks are not getting created.

If I add any entitlement in the Rule Action, that time it works fine. But not for Enterprise roles.

 

any advice will be appreciated.

 

thank you,

Partha

10 REPLIES 10

dgandhi
All-Star
All-Star

Can you give screenshot of your technical rule once?

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

parthaghosh
New Contributor III
New Contributor III

Hi Devang,

this is the technical rule

parthaghosh_0-1689834459304.png

 

in place of enterprise role, if I add object an entitlement, its working, creating task.

Hi @parthaghosh ,

In advanced config query from above screenshot, I can see two consecutive AND after first condition a.customproperty1=1 AND AND

Can you remove one and try.


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

parthaghosh
New Contributor III
New Contributor III

thats was a typo. corrected.

Still not working?

is zerodayprovisioning and checkrules values are set true?


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

parthaghosh
New Contributor III
New Contributor III

We are running the tech rules from detective job.

the problem is coming, when any user matching the rule condition and have already entitlements assigned (which are part of the Enterprise rule), then its failing. and skipping all ther satisfied users in the rule.

its setting a completed task for add access for that user with existing entitlements, and marking as NO ACTION REQUIRED. Ideally it should assign the Enterprise role when entitlements are already provisioned. The log is coming something like this:

2023-07-20/09:34:58.437 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - account exists.
2023-07-20/09:34:58.441 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - Checking Account type PA-C with endpoint Primary Account type-null
2023-07-20/09:34:58.441 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - accentqry params = [accountid:121456, ed:Thu Jul 20 09:34:58 UTC 2023]
2023-07-20/09:34:58.457 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - Attaching ep to session2
2023-07-20/09:34:58.465 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - request_access.enddate = null and account_entitlements1.enddate =null
2023-07-20/09:34:58.465 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - request_access?.enddate > account_entitlements1.enddate = false
2023-07-20/09:34:58.465 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - creating task with STATUS_NO_ACTION_REQUIRED as enddate is not updating
2023-07-20/09:34:58.478 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - parent account: null , parent entitlement: null
2023-07-20/09:34:58.482 [{}] [quartzScheduler_Worker-3] DEBUG services.ArsTaskService - exactRaforRole--null
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error groovy.lang.MissingPropertyException: No such property: tasks for class: com.saviynt.ecm.services.ArsTaskService
Possible solutions: class
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptBytecodeAdapter.java:50)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.callsite.PogoGetPropertySite.getProperty(PogoGetPropertySite.java:49)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGroovyObjectGetProperty(AbstractCallSite.java:231)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at com.saviynt.ecm.services.ArsTaskService$_createTaskEntRoles_closure19_closure218_closure222_closure224.doCall(ArsTaskService.groovy:1363)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at sun.reflect.GeneratedMethodAccessor8679.invoke(Unknown Source)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at java.lang.reflect.Method.invoke(Method.java:498)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1086)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1110)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:910)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.Closure.call(Closure.java:411)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.Closure.call(Closure.java:427)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:1325)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:1297)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.dgm$148.invoke(Unknown Source)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoMetaMethodSiteNoUnwrapNoCoerce.invoke(PojoMetaMethodSite.java:271)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:53)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at com.saviynt.ecm.services.ArsTaskService$_createTaskEntRoles_closure19_closure218_closure222.doCall(ArsTaskService.groovy:1346)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at sun.reflect.GeneratedMethodAccessor8653.invoke(Unknown Source)
2023-07-20/09:34:58.484 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at java.lang.reflect.Method.invoke(Method.java:498)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:90)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:233)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1086)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.ExpandoMetaClass.invokeMethod(ExpandoMetaClass.java:1110)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:910)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.Closure.call(Closure.java:411)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at groovy.lang.Closure.call(Closure.java:427)
2023-07-20/09:34:58.485 [{}] [quartzScheduler_Worker-3] DEBUG println.PrintlnToLogger - Println :: | Error  at org.codehaus.groovy.runtime.DefaultGroovyMethods.each(DefaultGroovyMethods.java:1325)

rushikeshvartak
All-Star
All-Star

Since this is technical rule.

Are you uploading user / creating user ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

parthaghosh
New Contributor III
New Contributor III

Hi Rushikesh,

Users are created through REST call. --> after that some custom query based post processing happening, --> then a job triggers a detective technical rule --> this creates new account and add access as birthright --> then wsretry job provisions that.
everything is happening by a chain job sequentially.
now, we want to assign some ENT roles through some other technical rules. but while calling those using detective job, its not creating the tasks.

 

thanks,

Partha

User is already created then how technical rule will be called ? did u created user update rule to call technical rule.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

calling it using detective job.