and more in a single search tool across platforms. Read the announcement here. |
05/08/2024 02:55 AM
Hi All,
We created a simple technical rule.
When the following two users are registered here, both users are granted the Enterprise Role "R-SysCriRole5."
============
User1 : CP1 : Red, CP2 : null
User2 : CP1 : null, CP2 : Blue
============
In this state, a change is made to remove the second condition as shown in the diagram below.
Then, because user2 does not meet the condition, a task should be generated to revoke the enterprise role. However, even after changing the rule, no task is created.
Even though there are no changes to the user attributes, how can access be revoked for those who do not comply with the conditions when the rule is changed?
Solved! Go to Solution.
05/08/2024 03:20 AM
Hi @JPMac As far as I know, changing a technical rule condition will not trigger removal of access/role from the user.
I would suggest you to setup an actionable analytics control to detect such users and deprovision the role from the user profile.
Let me know if you need more info.
05/08/2024 03:38 AM
You need to create user update rule along with technical rule