I have an flatfile based application say “App1” and it has 3 entitlements in entitlement catalog. (ent1,ent2,ent3)
When I run account aggregation for this App1, the file has 4 different entitlements for a user in the source file(ent1, ent2, ent3, ent4), the identity cube for this user is showing 4 entitlements but I was expecting only 3 to be in the users identity entitlement list.
please help me understand how to go about not aggregating that one ent’ whichi is not in the entitlement catalog for this app.
There is an option in the Aggregation task which allows new entitlements to be created (promoted) when found in the input file. This option is ‘Promote managed attributes’ (a managed attribute = entitlement)
If you don’t want to create new entitlements during aggregation disabled this option (‘Promote managed attributes’)
Hi @vinay_bethi .
As Remold mentioned, the ‘Promote managed attributes’ in Aggregation Task can be used to add the fourth entitlement into the catalog. If you are trying avoid the entitlement being aggregated you can use a Customization rule to skip remove that value being added to the resource object
+remark here. Pushing managed attributes to entitlement catalog with “Promote managed attributes” is not capable to detect deleted managed attributes. You must then either implement some custom cleanup or preferably implement separate entitlement aggregation where “Detect deleted” is possible.
Opposite Scenario - we have users that are missing entitlements from a flat file load. Is disabling promote when we load the account file, going to allow us to manage the entitlement load and see that all get tied to the user? Or is there something else?
The Promote Managed Attribute option automatically promotes any values for entitlements or permissions encountered while running the task as Managed Attributes. Disabling this will not load entitlements to the catalog. But this cannot be used to identify missing entitlements.