Manually Correlated Accounts Report

IdentityIQ (IIQ) IIQ Community Knowledge Base
,
1

In certain situations, it becomes necessary to generate a report of all accounts that have been manually correlated. This can be essential for auditing purposes, compliance checks, or simply to understand the extent of manual interventions in the identity correlation process.

You may be able to use the out-of-the-box report called “User Account Attributes Report,” but this report only works for a single application. In contrast, my report shows all applications in IdentityIQ, providing a comprehensive overview.

In this post, I will give you a ready-to-go example on how to create such a report. By following these instructions, you will be able to identify and list all accounts that were manually correlated, enabling you to maintain accurate and up-to-date records.

Let’s dive into the details and learn how to generate this report efficiently.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE TaskDefinition PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<TaskDefinition executor="sailpoint.reporting.LiveReportExecutor" name="Manually Correlated Accounts" progressMode="Percentage" resultAction="Rename" subType="Identity and User Reports" template="true" type="LiveReport">
   <Attributes>
    <Map>
      <entry key="report">
        <value>
          <LiveReport title="Manually Correlated Accounts Report">
            <DataSource objectType="sailpoint.object.Link" type="Filter">
              <OptionsScript>
                <Source>
                  import sailpoint.object.Filter;
                  import sailpoint.object.Identity;
                  import sailpoint.object.Application;
                  import sailpoint.tools.Util;
                  Filter f1;
              		f1 = Filter.eq("manuallyCorrelated", true);
                  String applicationField = args.get("app");
                  if(applicationField != null) {
                  	Application app = context.getObject(Application.class,applicationField);
                    String applicationName = app.getName();
                    if(f1 == null) {
                        f1 = Filter.eq("application.name", applicationName);
                    } else {
                        f1 = Filter.and(f1,Filter.eq("application.name", applicationName));
                    }
                  }
                  options.add(f1);                 
                </Source>
              </OptionsScript>
            </DataSource>
            <Columns>
              <ReportColumnConfig field="nativeIdentity" header="Native Identity" property="nativeIdentity" sortable="true" width="32"/>
              <ReportColumnConfig field="applicationName" header="Application Name" property="application.name" sortable="true" width="32"/>
              <ReportColumnConfig field="displayName" header="Display Name" property="displayName" sortable="true" width="32"/>
              <ReportColumnConfig field="manuallyCorrelated" header="Manually Correlated" property="manuallyCorrelated" sortable="true" width="32"/>
              <ReportColumnConfig field="identityName" header="Identity Name" property="identity.name" sortable="true" width="32"/>
              <ReportColumnConfig field="identityFirstName" header="Identity First Name" property="identity.firstname" sortable="true" width="32"/>
              <ReportColumnConfig field="identityLastName" header="Identity Last Name" property="identity.lastname" sortable="true" width="32"/>
            </Columns>
          </LiveReport>
        </value>
      </entry>
    </Map>
  </Attributes>
  <Description>Displays the name and full/part time status of users with the given first name</Description>
  <Signature>
    <Inputs>
      <Argument name="app" type="Application">
        <Prompt>Application</Prompt>
      </Argument>
    </Inputs>
  </Signature>
</TaskDefinition>
5 Likes
2

This is very useful and thanks a lot for sharing @kjakubiak!

Regards,
Muhammad