Bulk Role / Access Profile Import Issue

Hello!

I’m suddenly having trouble using the IdentityNow Bulk AccessProfile and Role Importer. The version I was using has been throwing an error that wasn’t happening before:

I went to the site with the download file ( IdentityNow Bulk AccessProfile and Role Importer - Compass (sailpoint.com)) and there appears to be a newer version. This version required that I add the attribute type to each entitlement name (which was a bit of a pain) but I added that, but I’m still getting an error when it tries to update each access profile I need to updated:

Any ideas what might be wrong?

Tagging @rakesh_kapoor who is one of the contributors

So interesting thing I’ve found as I’ve been troubleshooting this, for one, the warning message in the above screenshot is saying

"those workgroups accessProfileOwner could not be found for approvalSchemeList … skipping

I tried removing that column, and the creates worked. So there seems to be some kind of issue with that column.

Another issue is that it’s a bit frustrating now when I update the profiles, they get disabled, so I’ll have to create another file to batch enable all of the profiles. Was this intended?

And I also wanted to point out that the documentation on the link above doesn’t match the documentation in the download anymore in terms of how the columns are set up, so it may need to be updated.

Thanks for any feedback you can provide!

Hello @vkashat

In my case:
“those workgroups accessProfileOwner could not be found for approvalSchemeList … skipping” was caused invalid values of “Role Approver List”

proper Values are Uppercase: MANAGER , OWNER , SOURCE_OWNER , APP_OWNER .

I’m stuck on Assign Users To Role.
My COMPLEX_CRITERIA looks like those from examples and worked for old versions but now doesn’t.

So try import again and if managed Assignment please respond

Piotr

2 Likes

So you’re saying instead of “accessProfileOwner” should I try “ACCESS_PROFILE_OWNER” instead? Or just “OWNER”?

The documentation is unclear:

Both “OWNER” and “SOURCE_OWNER” seem to be described in the same way, but maybe just “OWNER” is what I actually need?

Just tried with “OWNER” and that worked, thank you!

@rakesh_kapoor perhaps the documentation needs to be updated and clearer with this?

There are a lots of bugs, especialy in examples - they are horrible.

eg. in action “assignUsersToRole” in example is :
assignUsersToRole, Role1,COMPLEX_CRITERIA,“{”“children”“:[{”“key”“:{”“property”“:”“attribute.Department”“, ““type””:”“IDENTITY”“}, ““operation””:”“CONTAINS”“, ““value””:”“Plipipipp”“}], ““operation””:”“OR”“}”

but insted of “value” should be “stringValue”.

It’s very nice that someone made that tool but for Nobel Prize he should spent additional hour to fix doc.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.