We are configuring a JDBC connector and observed that the account query is not providing us the expected output. Below is the query which we are using
"SELECT USR_ID,USR_GRP_SID,USR_PASSWD,DELETED_IND FROM WHERE USR_ID IS NOT NULL AND DELETED_IND = ‘N’ "
And below is the snippet of the DB for sample user.
USR_GRP_SID is the group/entitlement ID. As this user is having 3 entitlements with DELETED_IND entry as N we are expecting all the 3 entitlements be aggregated for the user.
However only one entitlement is visible for the user as below
It’s looks good. Did you get all the groups during the aggregation? If yes can you do the entitlement reset and try once again. Because i have faced similar issue in another connector once i reset and reaggregated it got resolved.
It happens during aggregation only. Because if I don’t include the above query where DELETED_IND =‘N’ then I am able to see all entitlements.
Also with each time when aggregation is run the entitlement value switches as below
2 Access Profiles in total is being used for provisioning and de-provisioning
AP1 has Single entitlement id = 8.
AP2 has multi ent id which are 20 and 24
When i run aggregation for 1st time I get to see the entitlement id 8 on user(Only one ent belonging to AP1)
Again if i run for 2nd time i get to see ent 20 and 24 on user.(Both ent belonging to AP2). Either one of these AP’s are seen with user
The AP is provisioned through Role or through Access Request? If through the role can you create another dummy role and add the all 3 ent and assign only for the user that you are facing this issue and check it works or not.
Can you check in database and make sure that with the row where ID=8, the DELETE_IND field contains “N” as a single character and not spaces etc.
If it looks good i would ask you to update the value DELETE_IND column value to something else once aggregate in ISC and then change it back to “N” and see if that works.
