Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Username generation rule trigger after approval

benjaminp
New Contributor
New Contributor

‎08/02/2022 08:52 AM

Hi,

I have set up the following rules for username generation when a new user is requested (in Global Configuration > Identity Lifecycle) :

  • Rule 1 : firstname (1 char) + lastname (8 char)
  • Rule 2 : firstname (2 char) + lastname (8 char)
  • Rule 3 : firstname (2 char) + lastname (8 char) + auto increment

The rules are working fine, but I still have an issue.

Example :

- Creation of user request : firstname is "John", lastname is "Smith". When the request is submitted, the generated username is "JSmith" and the request goes through an approval process.

- If someone submits another user request (let's say firstname "Jack" lastname "Smith") before the first one is approved, the generated username will still be "JSmith" in the request. The second request also goes through approval process.

- The first request is approved, the user John Smith is created with the username "JSmith".

- The second request is approved (after the first one), the user is not created and I do not see any error message displayed (I assume it is not created because the username already exists).

So my question is : how to deal with this case ?

Is there a configuration somewhere to apply the username generation rule after approval process ? Or to include pending approval users into the check for existing username in the username generation rule ?

If nothing of this is possible, how can I show an error after the approval of the second request to specify that the username is already used and therefore the user can not be created ?

 

Thanks in advance for your help !

Regards

Benjamin

Labels:
0 Kudos
2 REPLIES 2

Manikanta_S
Saviynt Employee
Saviynt Employee

‎08/02/2022 12:19 PM

Hi Benjamin,

You can use the Advance Config in the rule write a query as below.

Manikanta_S_0-1659467492842.png

concat(substring(users.firstname,1,2),users.lastname)###
concat(substring(users.firstname,1,2),users.lastname,'2') ###
concat(substring(users.firstname,1,2),users.lastname,'3') ### concat(substring(users.firstname,1,2),users.lastname,'R/D')###so on .........

In the above case if the username is found similar then it will come to next line and use that rule.

for ex: username "Jsmith" exists then it will come to next rule and username would be Jsmith2, you can choose append Alphabet, special Character or number. ensure you have enough rules.

Hope this helps!!

 

Thanks & Kind Regards,
Manikanta.S
0 Kudos

benjaminp
New Contributor
New Contributor
In response to Manikanta_S

‎08/03/2022 01:47 AM

Hi Manikanta,

Thank you for your answer.

I have tried the Advanced config option with the example you provided (I have adapted it to my case), but the problem remains the same.

The issue is not about the rule itself, which is working fine (when a user with the same username as the first rule exists, the second rule applies and so on...).

The issue is about the rule combined with an approval process (workflow).
- When a first user is requested (firstname : John, lastname : Smith, generated username : JSmith), he is pending approval according to the workflow (thus he is not created yet).
- When a second user is requested (firstname : Jack, lastname : Smith, generated username : JSmith) before the first one is approved, the generated username is the same (because the username generation rule does not include the pending approval users).
- When approving the first user request, everything goes fine.
- When approving the second user request after the first one, the user is not created (because of username already existing) and nothing is displayed (error message ...).

This case is maybe a bit tricky, but can happen.
So I need a way to handle it (include pending approval users in username generation rule check, display error message after approving the second user request...)

Regards
Benjamin

0 Kudos
Copyright © 2024 Khoros, LLC