We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Technical Rules for Birthright assignment of Enterprise Roles not getting triggered

varunpuri
Regular Contributor
Regular Contributor

Hi,

We have created 2 types of Technical Rules :
1. For AD Account creation
2. For assignment of Enterprise Roles. Those enterprise roles are further associated with AD Groups.

When we Create a new user, we see that the Technical Rules for AD Account creation get triggered and create tasks of type Create Account on AD.

But, the technical rules for assigning Enterprise Roles are not triggered at all. Thus, no task of type Add Access gets generated for assigning the AD groups associated with Enterprise Role to the user.

Kindly assist.

8 REPLIES 8

sk
All-Star
All-Star

From your statement I understand that you have two Rules 1. for AD account creation 2. For assigning enterprise roles.

  1. If so, Condition/trigger point for both rules is same or different?
  2. On user history tab do you see both rules are getting trigger or not?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

varunpuri
Regular Contributor
Regular Contributor

@sk : The conditions are slightly different but the attributes of user which we are importing matches both the conditions.

Also, we have seen that User History tab is only showing details of User Update Rules and not Technical Rules.

varunpuri
Regular Contributor
Regular Contributor

Additionally, the logs also show that Saviynt has picked up the Rule for execution.

varunpuri_0-1674571652790.png

Is there an explicit configuration using which we need to ensure that evaluation of rule Birthright_AD_ALL_ALL_GR always succeeds evaluation for rule Create Birthright Application Account ?

Can you share the screenshot of rule condition and action?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

varunpuri
Regular Contributor
Regular Contributor

@sk  - please find the snapshot below :

varunpuri_0-1674588350890.png

 

Can you please share the screenshot of other rule you created for AD.

Also I hope you are running Job DetectiveProvisioningRulesJob 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

varunpuri
Regular Contributor
Regular Contributor

@sk : I was able to fix it. The problem was here -

varunpuri_0-1674590391159.png
I changed it to - 

varunpuri_1-1674590437778.png
After this, the Add Access tasks started appearing in the Pending Tasks section.

Thank You for your assistance.

Request option for Entitlement Type should None (create task)


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.