Hi Everyone,
We have configured ServiceDesk integration in our tenant to manage and create tickets for disconnected sources. The Remove All Access feature is enabled in the Terminate Lifecycle state, and our expectation is that this should trigger a single termination ticket for disconnected sources.
However, while tickets are being created as expected, we have observed the following behavior:
-
The system generates one SDIM Request per source.
-
Within each SDIM Request, there are multiple RITMs, with each RITM corresponding to a disconnected entitlement that Identity is holding.
Has anyone else encountered this behavior in their design, and if so, how was it addressed?
FYI:
- we are assigning the Disconnected entitlement through Requestable Role.
- Tested the Same Scenario by adding the Disconnected sources to Disable Account option in terminate Lifecyle state Still we are seeing the Duplicate cross source RITMs.
- We also Observed that Assignment group value is not getting populated in tickets.
Actually Observed:
Termination Event (Remove All Access)
|
v
ISC evaluates entitlements
|
±-> Connected source → Auto-provision
|
±-> Disconnected source A → REQ #1
| |
| ±-> RITM: Entitlement A (Entitlement Source A)
| ±-> RITM: Entitlement B (Entitlement Source B)
|
±-> Disconnected source B → REQ #2
|
±-> RITM: Entitlement A (Entitlement Source A)
±-> RITM: Entitlement B (Entitlement Source B)
Expecting:
Termination Event (Remove All Access)
|
v
ISC evaluates entitlements
|
±-> Connected source → Auto-provision
|
±-> Disconnected source A → REQ #1
| |
| ±-> RITM: Entitlement A(Entitlement Source A)
|
|
±-> Disconnected source B → REQ #2
|
±-> RITM: Entitlement B(Entitlement Source B)