I have configured SAP Direct connector. Its access is being reviewed under the Manager Certification. Few of the entitlements were marked revoke under the campaign. After signoff those revocation were attempted by the IIQ and it failed due to some wrong application configuration. But now those failed transaction are not re-attempted. Is this expected behavior ? How can we force to retry failed transaction ?
Perform maintenance task doesn’t seem to relaunch those failed transactions.
IIQ distinguishes between “failed” and “retry” as provisioning transaction outcomes. Out of box, it is not possible to force a failed transaction to retry.
You can add an Application entry called “retryableErrors” containing a List of Strings. If the error message from the connector contains any of those strings (e.g., “Connection failed” or whatever), the transaction will be marked “retry” and not “failed”. It will then be automatically retried either by LCM or by a Provisioning Request (an hour later, by default).
Unfortunately, you are probably going to need to write a Rule that will manually retry the failed transactions. ProvisioningTransaction objects can be queried like any other SailPoint object. Make a copy of the AccountRequest (request.cloneRequest()) in each ProvisioningTransaction, clear out the ProvisioningResult from the clone (request.setResult(null)), and run it back through the Provisioner.
(My company’s UI Enhancer plugin also adds a “retry” button to Identity Warehouse pages and the Provisioning Transaction page.)