and more in a single search tool across platforms. Read the announcement here. |
03/05/2024 06:43 AM
When user is changing the department, user's access should be deleted immediately
Also access owned by User should transfer to his manager.
For this I have created the user update rule but task is generated for revoke access but no task and request is generated for transfer ownership to his manager.
I have attached below screen shot for condition and configuration. Please suggest me proper configuration for this above requirement.
Condition:-
Action:-
Please check configuration in above mentioned screenshot and suggest me if anything more required.
03/05/2024 07:42 AM - edited 03/05/2024 07:42 AM
Hi @sumit_morchhale , Task is not expected for transfer Ownership.
Transfer Ownership | Changes Owners only. No Task is created. | When a user's status changes to disabled or terminated, it is important to change ownership of identity objects belonging to the inactive user to 'Owner on Terminate' user in User Details page. Purpose of Transfer Ownership is to change the ownership of various operations, from the original disabled user to the user selected in 'Owner on Terminate' field in User Details. For example, let us say user x is configured with user y as 'Owner on Terminate'. Based on specified condition in User Update Rule if userstatuskey is 0 (disable or terminated) for user x then for selected objects the ownership is transferred to user y in this sample example. The user update rule is run when the condition specified is met and for selected objects, the ownership is transferred to the user selected in "Owner On Terminate" field in User Details Tab for the user being disabled or terminated. In addition, you can also select an email template, which you want to send as an intimation to the new owner informing about the change in ownership. Additionally, an email is also sent to the new owner for ownership change. For Service Accounts, owners are specified. To handle use-case of owners of service account getting terminated, you can use User Update Rule feature to create a rule if the user account is changed to inactive (0). As soon as the current service account owner is terminated, user update rule with action "Transfer Ownership" is triggered and the current owner will be replaced by OwnerOnTerminate user as the service account owner. OwnerOnTerminate must be pre-defined in the current user definition before the current owner is terminated. You can configure the User Update Rule when:
Additional description for actions related to Transfer Ownership is given below.
|
Thanks,
Amit
If this answers your query, Please ACCEPT SOLUTION and give KUDOS.