I want to filter uncorrelated accounts in creation rule

Which IIQ version are you inquiring about?

8.3

Share all details about your problem, including any error messages you may have received.

I want to filter the uncorrelated accounts in creation rule. how can i do that?

You can use the option “Only create links if they can be correlated to an existing identity” in account aggregation instead of writing logic for filtering or excluding the creation of those accounts.

image1406×608 26.7 KB

Due to some reasons i was told not to use this check… i need to write logic in creation rule.

I don’t think that will be possible because identity creation rules are used to set attributes on new identity objects when they are created. And this return type is void, not something like any other type like the customization rule does. We can only update or set something on the created accounts. And moreover, this rule will execute only one time for the accounts at the time of creation. In the next aggregation, this rule won’t be executed for the accounts already created. So, by mistake, if you do also next time, you can’t change it since this rule will not execute again for the user. So, you have to handle it explicitly again.

@uttu2022

If you dont want to use this option, only option left is to use customization rule and within customization rule check if any existing identity is present , then return object else return null and in your aggregation task check detect deleted accounts to true, this way you can achieve this

You can modify this customization rule for your purposes.
write a method checkCondition within you will set your specified conditions.

public static ResourceObject customizeAccount(ResourceObject object) {
    SailPointContext context;
    try {
        context = SailPointFactory.getCurrentContext();
      
        if (checkCondition(context, object, SfConsts.CUSTOM_SF_PERSON_ID_BLACKLIST, "ExternalPersonIdBlacklist", SfConsts.PERSON_ID_EXTERNAL, 
                "is in Person ID External Blacklist. Account will not be imported into IIQ.")) {
            return null;
        }

    } catch (GeneralException e) {
        log.error("Error during SF account parsing: " + e);
        throw new RuntimeException(e);
    } catch (Exception e) {
        log.error("Severe Error during SF account parsing: " + e);
        throw new RuntimeException(e);
    }

    return object;
}

I am return null still it is creating link for the account.

I am return null still it is creating link for the account. I have added in “Additional Global Customization Rule”.

Could you please share your rule?

@uttu2022

Are you doing this at application level customization rule, please share the rule complete xml

yes i am doing at application level rule. Here is the image… if(Date.equals(“2023-08-14”)){

    return null;
  } i am doing this in customization rule it is going inside this if... 

@uttu2022
What is this Additional Global Customization Rule, OOTB you will have account customization rule, aren’t you using that

Are you saying about this rule? …It wont work in additional global rule??

Hey,

you have to navigate to Application → select app → Rules Tab

And add a rule for CustomizationRule

image1119×508 23.5 KB

Account is not getting created but still orphan identity is getting created…

try tu return null; in the creation rule

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.