Hi folks
We are currently doing an email automation process within SailPoint and Active Directory by using cloud rules and after creation rule to execute the powershell script to generate the unique samaccountname let Workday to release from the responsibility as the golden source of both work email address and samaccountname.
However, the client’s HR team shared their concerns that the HR hiring process in Workday have a high dependency on the work email field. The work email is one of the critical elements to complete the hiring process in Workday. Since the HR analyst will no longer need to define the email address during the hiring process after solution implemented. It means SailPoint will pick up the responsibility to provide the work email back to workday by attribute sync. The client HR team has a strong requirement that they want the work email sync back to Workday as soon as SailPoint defined the email address.
There are also some limitation we are facing since the legacy setting in client’s SailPoint tenant and the requirements of the email automation design:
-
There is a complex transform for calculating the lifecycle state which cause the Workday (Webservice connector) only can perform once aggregation per day
-
The email naming convention logic will return null when failed to an unique and proper email address after trying 2-3 defined logic.
I would like to check any solutions like workflow, webservice operation rule, cloud rule or additional configurations may suit the client’s expectation to make the sync asap. We would like to seek any prior experience with attribute sync or similar solution on the attribute sync, I would appreciate any best practice, insights or idea will be helpful.
Thanks,
Jacky