Hi experts,
We are working with certification account, and I would like search accounts in the certification applying a filter. In this case, I would like filter accounts in status locked(Locked Account = true)
In our case there are accounts with Locked Account value as ‘true’ as is showed in the following image
But, when I try seach by Locked Account, true or false values are not showing
Any idea about this issue?
Thanks in advance
I would create an Certification Exclusion Rule to exclude accounts where locked==true
See Rules In IdentityIQ for an example of a similar CertificationExclusion rule.
You can specify the Exclusion Rule in the Advanced section when configuring a Certification Campaign:
– Remold
hi @Remold
Thanks for your quick response. In our is neccesary include accounts locked because certifier user must take action approve/revove of these accounts
Sorry Ismael, I did not read the question correctly 
Is the attribute Locked Account a searchable Identity Attribute ?
(Best to see via Debug->ObjectConfig->Link see if the ObjectAttribute element has a propery extendedNumber with value between 1 and 5)
– Remold
In our case, there is not extensionAttribute. The object Link is the following
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE ObjectConfig PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<ObjectConfig name="Link">
<ObjectAttribute displayName="Locked Account" editMode="ReadOnly" name="lockedAccount" namedColumn="true" type="string">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-Locked"/>
</RuleRef>
<AttributeSource name="GlobalRule:Rule-FrameWork-Locked">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-Locked"/>
</RuleRef>
</AttributeSource>
</ObjectAttribute>
<ObjectAttribute displayName="Disabled Account" editMode="ReadOnly" name="disabledAccount" namedColumn="true" type="string">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-Disabled"/>
</RuleRef>
<AttributeSource name="GlobalRule:Rule-FrameWork-Disabled">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-Disabled"/>
</RuleRef>
</AttributeSource>
</ObjectAttribute>
<ObjectAttribute displayName="Privileged Account" editMode="ReadOnly" name="psAccount" namedColumn="true" type="string">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-PSA"/>
</RuleRef>
<AttributeSource name="GlobalRule:Rule-FrameWork-PSA">
<RuleRef>
<Reference class="sailpoint.object.Rule" name="Rule-FrameWork-PSA"/>
</RuleRef>
</AttributeSource>
</ObjectAttribute>
</ObjectConfig>
We noted that this issue occurs with users without administration capability.
In this case, scope was not properly set in the identity, so for this reason information was not being showed properly in the filer.
We disabled scope configuration and finally we were able to apply filter properly
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.