Automatic roles assigned

IIQ version 8.4p1

Hi and Hello,

We have automatic roles that should be assigned and detected depending on the attribute on the identity. The roles are connected to AD.

The attribute changes correctly and the roles are saved correctly to the accounts. Unfortunately, the old roles do not removed, after a few attribute changes they even duplicate.

I have the correct roles as assigned. Those that should disappear after refresh are still detected.

I have success in the transaction. I do not see an error in the roles. There are diffrent requirements for the appropriate roles. The old ones do not disappear.

I am waiting for each answer.

best regards,
Adam

Assigned role is removed but still detected is on identity ? Does the corresponding entitlements are removed ?

Also do you having some setting that don’t remove entitlements if the roles are removed ?

@vishal_kejriwal1
Thank you for answer.

First question,
entitlements are no removed.

Second question,
No. I have only rights to asigne when is active and have attribute. Attribute is change so I want to change asigne roles.

Regards,
Adam

image1396×1314 112 KB

What is value for below 2 ?
Retain assigned entitlements when detected roles are removed
Retain assigned entitlements when assigned roles are removed

@vishal_kejriwal1
I want also delete “assigned entitlements when detected roles are removed” and
delete “assigned entitlements when assigned roles are removed”

but maybe here I can use some options.

Regards,
Adam

You need to unselect both the options.

Yes. I do not have any of this option. I should have any other? I only choose some option on refresh task. Do I need do something more somewhere?

What option did you chose ? Share the screenshot ?

Just try with
Provision assignment and Refresh assigned, detected roles, and promote additional entitlements

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.