Hi Everyone,
I was wondering if there was a way to disable an account in NERM. I know a profile’s status could be set to Terminated but I would like to see if the profile itself can be disabled so that it shows Disabled in ISC once the account is aggregated.
Thanks in advance!
Hi
To ensure that this status change is reflected as Disabled in Identity Security Cloud (ISC) upon aggregation, you’ll need to configure attribute mappings appropriately. This involves mapping the NERM profile status attribute (e.g., status) to the ISC lifecycle state attribute (cloudLifecycleState) and setting up a transformation rule that translates the Inactive status from NERM to Disabled in ISC. This mapping ensures that when a profile is marked as Inactive in NERM, it appears as Disabled in ISC after aggregation.
P.S - ISC reflects the status received from NERM based on these mappings and does not alter the original profile status in NERM.
I dont think Disabled is one of the predefined status in NERM however you can create a new attribute in NERM, map TERMINATED to Disabled and use that.
Yeah, this is the easier way you can achieve this as we don’t have a predefined status to Disable in NERM.
I mean for this to be disabled. We already have the lifecycle state configured. It makes no difference to the functionality of what we are trying to do but we want to see that Enabled changed to Disabled.
I am assuming you are WebService connector, and have you done the mapping under Connection Settings → Account Enable Status Attribute, have you added status=Active?
No, we are using the OOTB Nerm connector.
Isn’t that supposed to be used as an auth source?
Yes, it is an auth source.