Best Practice To Restrict Leavers

Hi All,

Recently we had an issue in prod, where Leaver got triggered for 2K+ users due to bad data coming from the authoritative source.

Would like to understand the best practice to reduce such scenarios. Can we have any threshold like how we have in account aggregations?

I haven’t seen any threshold concept yet.

How is your leaver implemented: using workflows, or disabling accounts and/or removing access using LCS?

Hi @MVKR7T,

It’s using LCS.

In IIQ, we have Lifecycle events, which have a threshold concept. Events can be delayed, as they need a refresh task to be executed. So there can be a delay from Aggregation to Refresh, and we can do some analysis meanwhile.

But in IDN, I don’t think we have any control. When you run the HR Aggregation task, the Identity Profile will automatically be processing identities, calculating LCS.

You might lose some birthright access if LCS is in assignment criteria, disable source accounts.

You might need to build some custom solution outside IDN.

In one of my projects, we implemented a custom solution outside for IIQ:

  1. Read data from HR application
  2. Analyze the data and consolidate Joiners, Movers, Leavers and Rehires
  3. Send a mail to HR team for confirmation.
  4. If any mistake, HR team will correct the feed. We will disable scheduled aggregation task.
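
A sketch of the pre-aggregation check described in the steps above, as an added example that is not part of the original thread and is not SailPoint code: it compares the new HR feed against the last accepted snapshot, consolidates joiners, movers, leavers and rehires, and holds the aggregation when leavers exceed a threshold. The CSV columns, status values, function names and threshold defaults are all assumptions.

```python
import csv
import io
# Constructed sample snapshots; the column layout is an assumption.
PREVIOUS = """employee_id,status,department
1001,active,Finance
1002,active,IT
1003,terminated,IT
1004,active,HR
1005,active,Sales
"""
# Constructed bad feed: 1002 and 1004 flip to terminated, 1005 is missing.
CURRENT = """employee_id,status,department
1001,active,Legal
1002,terminated,IT
1003,active,IT
1004,terminated,HR
1006,active,Sales
"""

def load(text):
    return {r["employee_id"]: r for r in csv.DictReader(io.StringIO(text))}

def classify(previous, current):
    """Consolidate joiners, movers, leavers and rehires between two snapshots."""
    out = {"joiners": [], "movers": [], "leavers": [], "rehires": []}
    for emp_id, new in current.items():
        old = previous.get(emp_id)
        was_active = old is not None and old["status"] == "active"
        is_active = new["status"] == "active"
        if old is None and is_active:
            out["joiners"].append(emp_id)
        elif was_active and not is_active:
            out["leavers"].append(emp_id)
        elif old is not None and not was_active and is_active:
            out["rehires"].append(emp_id)
        elif was_active and is_active and old["department"] != new["department"]:
            out["movers"].append(emp_id)
    # An active record that vanished from the feed would also become a leaver.
    out["leavers"] += [e for e, o in previous.items()
                       if e not in current and o["status"] == "active"]
    return out

def gate(previous, current, max_leavers=50, max_leaver_ratio=0.05):
    """Return (ok_to_aggregate, changes); hold when either limit is exceeded."""
    changes = classify(previous, current)
    active_before = sum(r["status"] == "active" for r in previous.values())
    leavers = len(changes["leavers"])
    ratio = leavers / active_before if active_before else 0.0
    return leavers <= max_leavers and ratio <= max_leaver_ratio, changes
```

When `gate` returns `False`, the change list is what would go to the HR team for confirmation while the scheduled aggregation stays disabled.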
