IdentityNow Bulk Access Profile and Role Importer - How to import a role with an entitlement

Hi all,

can someone give me a tip on how to create a new role with one entitlement using the “IdentityNow Bulk Access Profile and Role Importer tool”? I currently only want to test this via the command line. My command looks as follows:

ruby roleImporter.rb -c createRole,"Example Role","This is an Example Role",TRUE,"firstname.lastname",,"Active Directory:sAMAccountName:HR_All",true,manager,true,true,manager,,


...
WARNING : Create Role : Issue with ‘Active Directory:sAMAccountName:HR_All’ : could not find it or there was an issue retrieving it with the following message : Success
....

The role is created, and the owner is also correct. Updateing the role works fine. But something goes wrong when determining the entitlement. I suspect it’s related to the way I’m referencing it, but I’m not able to figure it out from the documentation at this point. My source is called “Active Directory” (I’ve verified this via API call), and as I understand it, the attribute to match should follow, then the comparison value.

Thank you for your help.

Hi @ChristinaLindenberg,

The command requires the use of an entitlement attribute type. For example, if I want to add an entitlement from the “ActiveDirectory” source, where “memberOf” is the entitlement type and the name is “ABC”, the command would look like this:

createRole,“Example Role”,“This is an Example Role”,TRUE,“firstname.lastname”,“ActiveDirectory:memberOf:ABC”,true,manager,true,true,manager,

Hi @ChristinaLindenberg

try to replace as below in the data and use the attribute1 and attribute2 same as schema attribute which was marked as the entitlement in your source configuration and

source1:attribute1:Entitlementname1;source2:attribute2:Entitlementname2

should work if you are try the above.

Thanks.

Thanks a lot, it works like a charm now.