Share all details about your problem, including any error messages you may have received.
Hi all, the above result is generated from a custom Certification Activity by Application Live Report. From our implementation, once the certification has been revoked and the relevant reviewers have signed off on this decision and the maintenance task is ran. This column should be populated with the value “yes” however, as seen from the screenshot this is not the case.
Moreover, when this certification has been revoked it is suppose to raise an access request for this revocation, but when i review the audit logs i am unable to find the corresponding access request for this revoked certificate.
what could be the problem? is it simply because i did not enable “Scan for completed revocations“ in the maintenance task? or could it be a deeper underlying issue?
For any of the user where access is revoked, do you see any workitem raised as of Remediation type?? and also do you see the relevant access is removed from the user profile??
Hi Naveen,
when looking the certification object xml, i see the within the tag
Not to sure if this information tells me that there is an open workitem.
And I can see within the user’s identity object, that the entitlement access has been removed.
As I am working under limitations, is there a way to find a corresponding workitem (if any) to the certification through the debug page?
Go to workitem page, and filter the workitem with type Remediation and then see , all the remediation workitem raised for the access review. If you are archiving the remediation workitem type, then you have to go to workitem archive, and then search for the access review one.
Hi Naveen,
I am unable to find the corresponding work item for remediation for that certification.
what would you advise to do if I have a certification raised>some users entitlement are revoked and this is signed off by all certifiers. however I when the certification activity live report is generated has an empty value for the “revoked completed“ for that user. what should i do?
IF you can’t se anything there that’s fine. The remediation workitem in the workitem page is for disconnect application.
For direct connected one , what you can do , Go to global settings and Provisioning, search with the identity , and put source as Certification, and you will see the transaction detail there as well.
Thank you for your help, I have managed to figure the problem!
Additionally, I want to ask if it is possible to have an additional column in the Certification Activity by Application Live Report, that shows the actual datetime that the entitlement was removed from the user’s identity object xml? if it is possible, how do i go about implementing this change
Glad you are able to Figure it. Yes it is possible, you need to add the column and write the code o populate the value of that column. Try it in lower enviornment.
