Hi Team,
We are trying to create a password expiry notification for all the iSeries sources (around 30 sources) in our environment. SailPoint has password expiration reminder notification for AD source only. Is there a way to send the reminder email on all these source? Any help will be appreciated. Thanks.
Hi @NikeshRao2054 ,
This can surely be achieved. For a similar requirement, we implemented the below way.
Requirement:
We do have an account attribute passwordExpiryDate, requirement is send reminder email 7 days before expiration.
We did the below to acheive this:
- Set up a identity attribute eg: appNameReminderFlag which is boolean
- Used transform to populate the reminderFlag to true or false based on the expiration date. It turns to true when the expiration is exactly 7 days before.
- Developed a workflow with trigger as identity attribute changed, in this case reminderFlag from false to true.
When the workflow is initiated, send an email to the user about the expiration. This way it works for us without any issues.
Hope this helps.
Regards,
Uday Kilambi
Hi @uday_kilambiCTS Did you create a single transform for all the source? I created this transform for a source but it seems to return true for all the identity.
{
"id": "",
"name": "10 days to password expiry - iSeries",
"type": "dateCompare",
"attributes": {
"firstDate": {
"type": "firstValid",
"attributes": {
"values": [
{
"type": "dateFormat",
"attribute": {
"inputFormat": "dddd MMM dd HH:mm:ss yyyy",
"outputFormat": "ISO8601",
"input": {
"attributes": {
"attributeName": "PWDEXPDATE",
"sourceName": "iSeries - Cesium"
},
"type": "accountAttribute"
}
}
},
"2099-01-01T00:00:00Z"
]
}
},
"secondDate": {
"type": "dateMath",
"attributes": {
"expression": "now+10d/d",
"roundUp": false
}
},
"operator": "lt",
"positiveCondition": "true",
"negativeCondition": "false"
},
"internal": false
}
We used it only for one source similar to what you have done. And the above code will return true for all the days until the expiration date is in future.
Unfortunately, we do not have equals operation for date.
Here is what we have done, we used a conditional operation transform with two attributes:
- lessthancomparison - where we validate the expiration date less than or equal to now+10d
- greaterthancomparison - where we validate the expiration date greater than or equal to now+10d
Now the ideal date when the email should be sent is exactly 10 days before the expiration date. So, in the conditonal transfer we have an expression query used, something like this:
$lessthancomparison$greaterthancomparison eq truetrue
Both of them will be true only when the date is exact date indirectly equal condition.
Hey @uday_kilambiCTS
When ever I evaluate my transform in VS code I get true/false value but when I check the value in SailPoint I get null. Any ideas why that maybe?
Thanks
Hi @NikeshRao2054 ,
Is it Null or True? In your earlier comment, you mentioned it always resulted in true right?
Regards,
Uday
Hi @uday_kilambiCTS
When I evaluate the transform I get true/false returned in VS code. But when I check in IDN UI I get null returned by attribute.
Thanks
Nikesh
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.