This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Technical Rules for Birthright assignment of Enterprise Roles not getting triggered

Go to solution
varunpuri
New Contributor III
New Contributor III

‎01-24-2023 06:18 AM

Hi,

We have created 2 types of Technical Rules :
1. For AD Account creation
2. For assignment of Enterprise Roles. Those enterprise roles are further associated with AD Groups.

When we Create a new user, we see that the Technical Rules for AD Account creation get triggered and create tasks of type Create Account on AD.

But, the technical rules for assigning Enterprise Roles are not triggered at all. Thus, no task of type Add Access gets generated for assigning the AD groups associated with Enterprise Role to the user.

Kindly assist.

Labels:
0 Kudos
8 REPLIES 8

Go to solution
sk
All-Star
All-Star

‎01-24-2023 06:28 AM

From your statement I understand that you have two Rules 1. for AD account creation 2. For assigning enterprise roles.

  1. If so, Condition/trigger point for both rules is same or different?
  2. On user history tab do you see both rules are getting trigger or not?

Regards,
Saathvik
0 Kudos

Go to solution
varunpuri
New Contributor III
New Contributor III
In response to sk

‎01-24-2023 06:39 AM

@sk : The conditions are slightly different but the attributes of user which we are importing matches both the conditions.

Also, we have seen that User History tab is only showing details of User Update Rules and not Technical Rules.

0 Kudos

Go to solution
varunpuri
New Contributor III
New Contributor III

‎01-24-2023 06:48 AM

Additionally, the logs also show that Saviynt has picked up the Rule for execution.

varunpuri_0-1674571652790.png

Is there an explicit configuration using which we need to ensure that evaluation of rule Birthright_AD_ALL_ALL_GR always succeeds evaluation for rule Create Birthright Application Account ?

0 Kudos

Go to solution
sk
All-Star
All-Star
In response to varunpuri

‎01-24-2023 08:32 AM

Can you share the screenshot of rule condition and action?


Regards,
Saathvik
0 Kudos

Go to solution
varunpuri
New Contributor III
New Contributor III

‎01-24-2023 11:26 AM

@sk  - please find the snapshot below :

varunpuri_0-1674588350890.png

 

0 Kudos

Go to solution
sk
All-Star
All-Star
In response to varunpuri

‎01-24-2023 11:43 AM

Can you please share the screenshot of other rule you created for AD.

Also I hope you are running Job DetectiveProvisioningRulesJob 


Regards,
Saathvik
0 Kudos

Go to solution
varunpuri
New Contributor III
New Contributor III
In response to sk

‎01-24-2023 12:01 PM

@sk : I was able to fix it. The problem was here -

varunpuri_0-1674590391159.png
I changed it to - 

varunpuri_1-1674590437778.png
After this, the Add Access tasks started appearing in the Pending Tasks section.

Thank You for your assistance.

Go to solution
rushikeshvartak
All-Star
All-Star
In response to varunpuri

‎01-24-2023 12:27 PM

Request option for Entitlement Type should None (create task)


Regards,
Rushikesh Vartak
0 Kudos
Copyright © 2023 Khoros, LLC