Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Rule repairing through retrofit

shefalipatidar
New Contributor
New Contributor

We have a rule which assign a group to the users is the users met condition. But this rule is not creating remove access task if the users do not match the condition even if (Remove access if birthright fails is enabled). We are trying retrofit option for this rule will it create remove access task as soon as the rule is repaired?? And if not then how will it work, will it remove the groups assigned to the users who do not satisfy the condition.

4 REPLIES 4

NM
Honored Contributor III
Honored Contributor III

Hi @shefalipatidar you have to create a detective job for the same.

Was the group assigned via rule itself ?

yes group was assigned via rule

  • Please share rule configuration screenshot.
  • Logs in text file

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Amit_Malik
Valued Contributor II
Valued Contributor II

HI @shefalipatidar ,

"if the users do not match the condition"  - I am assuming that user attribute changed and user is not matching the condition. So when the attributes change, do have have zero day rules evaluated?

Or user updated rule to re-run provisioning rules ?

Or run the rules via detective rule run job ? if the rule is detective 

 

As the rule is birthright rule and it should create remove access task if the access was added by rule. I would suggest to stick to making rule work rather switch to another solution.

 

Thanks,

Amit

If this answers your query, Please ACCEPT SOLUTION and give KUDOS.

 

Kind Regards,
Amit Malik
If this helped you move forward, please click on the "Kudos" button.
If this answers your query, please select "Accept As Solution".