Application decommission in sailpoint

IdentityIQ (IIQ) IIQ Discussion and Questions
1

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

We want to decommission few applications from sailpoint application.
Don’t want to delete, just need to break all links, disable / remove account application from user identity.
Please assist with better way for application decommissioning in sailpoint application.

2

Below are the set of steps which we follow during decommission

  1. Remove all the entitlement either by running the aggregation (adding filter so that it returns zero data) or delete from backend
  2. Remove all the Accounts either by running the aggregation (adding filter so that it returns zero data) or delete from backend
  3. Above may require detect deleted as true in aggregation task.
  4. Remove Aggregation task if added as any sequential task ( both for entitlement and account aggregation)
  5. check if any bundle is created and need to be disabled it may impact the existing users and can trigger removal
  6. Remove the connection details
  7. Enable Maintenance Mode for application .
1 Like
3

I would do this:

  1. Remove the correlation logic
  2. Run a Unoptomize aggregation
  3. Remove manually or using the Terminator class the remaining links
  4. Use the Terminator to remove the entitlements
    4.1 Deactivate any roles for that application
  5. Activate the maintenance

Best!

1 Like