I am new to ISC, trying to explore things based on IIQ knowledge, whenever last name changes on Identity I wanted the display name or email attribute on a particular target lets assume Active directory needs to be updated based on identities latest attributes, assume I have a rule defined already which is used during Create account for the email attribute , how can I trigger that rule during last name update as well
In IIQ I know we can do this via Life cycle event or a target mapping, but how I can do in ISC, based on some read got to know this can done via Identity attribute change trigger workflow, but not able to find how can I add a rule to the actions, as I don’t see such thing, help would be appreciated.
@iamksatish You can achieve this use case in different ways:
For your case you probably using the account attribute generator (cloud rule) in create profile to generate the unique email address.
Solution for email:
You can move the rule from create provisioning policy to Identity Profile Attribute mapping and enable attribute sync for the source that you want to sync for e.g. Active Directory.
Solution for displayName:
You can create a transform to generate displayName and enable attribute sync.
Agree! you have a rule during create but when you want to update the email with last name you also need to check the uniqueness of it.
Step1: Generate your email using Identity Attribute generator rule (which will generate a unique email)
Step2: Create a transform which will first look into AD email and then will get the value from your Identity Attribute generator rule, compare both and update the new one.
Step3: Create a new identity attribute attach the transform and use update provisioning policy profile to update it.
displayName will anyway will be changed in identityNow if the last name is changed in the authoritative source right?
If you are using some other attributes to identify the name change then you can create a new identity attribute and map the attribute and sync it to target.
Just a quick note, it is not recommended to use an identity attribute generator if you are looking for unique values during the generation. Instead, it would be best to handle in a Before Provisioning rule. You could catch this operation on the Modify operation of the last name if it is already setup as attribute sync to that source.