Configure and Launch a Manager Certification for the ‘Business - App’ application. This should certify both entitlements and accounts on the application.
Define a Certification Exclusion Rule to exclude entitlement value which is ‘Admin’.
The Certification should not include Inactive Employees for its launch.
The active period of the certification should be 1 day. After this time period, all undecided items should automatically taken as approved.
Launch the Certification.
Expected Output:
Certification is launched successfully and is in Active Phase
Upon clicking, the individual certifications are assigned to various managers, each having the subordinates accounts for review.
Upon a revoke/approve decisions of all the items under a Manager Access Review, the system should prompt for sign-off.
Upon sign-off, a revocation work item is created and assigned to the application owner for all items that were decided as Revoked.
for exclusion rule I used the below code:
import sailpoint.object.Identity;
log.trace(“Entering Exclusion Rule.”);
String explanation = “”;
Identity currentUser = (Identity) entity;
if(currentUser==null){
return “Identity is null”;
}
else{
if ( currentUser.isInactive()) {
log.trace("Inactive User: " + currentUser.getName());
log.trace(“Do not certify.”);
itemsToExclude.addAll(items);
items.clear();
explanation = “Not certifying inactive users”;
}
else if (currentUser.getAttribute(“User Level”).equals(“Admin”)) {
log.trace("Identity is Admin: " + currentUser.getName());
log.trace(“Do not certify.”);
itemsToExclude.addAll(items);
items.clear();
explanation = “Not certifying contractors”;
}
else {
log.trace("Active Employee: " + currentUser.getName());
log.trace(“Do certify.”);
}
}
return explanation; * An unexpected error occurred: The application script threw an exception: java.lang.NullPointerException: Attempt to invoke method equals on null value BSF info: Admin With Null at line: 0 column: columnNo
in the elseif block condition check currentUser.getAttribute(“User Level”) is not null or empty before doing currentUser.getAttribute(“User Level”).equals(“Admin”)
Access Review ‘Manager Access Review for Aaron Nichols’ was not created because there were no users to certify.
Access Review was not created for sailpoint.object.Identity@38db6248[id=a9fe2b0b880e172081880f3884b901c4,name=1c2a3a] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@50328c32[id=a9fe2b0b880e172081880f3884eb01c6,name=1c2a3b] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@5df2739b[id=a9fe2b0b880e172081880f38851e01c8,name=1c2a3c] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@3ddbe3f3[id=a9fe2b0b880e172081880f38854501ca,name=1c2a3d] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@17821423[id=a9fe2b0b880e172081880f38844601be,name=1c2a] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@16e8813b[id=a9fe2b0b880e172081880f38856d01cc,name=1c2b3a] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@72eba12[id=a9fe2b0b880e172081880f3885a601ce,name=1c2b3b] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@582c988a[id=a9fe2b0b880e172081880f3885d801d0,name=1c2b3c] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@75c3a922[id=a9fe2b0b880e172081880f38861c01d2,name=1c2b3d] because there were no Identities to certify
Access Review was not created for sailpoint.object.Identity@2a61574c[id=a9fe2b0b880e172081880f38846901c0,name=1c2b] because there were no Identities to certify
And also I’m getting this warning when opened the scheduled certification.can you please help me.
You would need to confirm if you need to exclude items where userlevel is null or not.
Also, to test this you can pick a manager which you think should have items generated and validated if appropriate items are being displayed.