Windows/Linux servers which require recertification of user accounts added to the host. When a certifier revokes an account, we don’t want the account removed automatically. We want to manage removals through CHG controls. As a result, we need to validate if we can disable provisioning only for these certifications without removing provisioning strings from the application level.
In SailPoint we refer the action taken by the certifier however the revoke operation we will perform through chg control.
Please suggest for a possible solutions.
@bhanuprakashkuruva , thanks for your suggestion, I have reviewed the atricle. My used case is bit different.
In user access recertification, the certifier revoke the user access during the certification cycle and sign off, this process remains OOTB however we don’t want the revoke operation can happen in target. Once certifier sign off the certification camping basis on the action taken (revocation) for those specific users, we want to open a ServiceNow Change ticket and then remove those users from target either through manual transaction or batch after the Change ticket approved. I am trying below