Share all details related to your problem, including any error messages you may have received.
We are considering whether we can potentially leverage Rapid Setup for our LifeCycle Management, particularly for Joiner and Leaver processes. We are seeking feedback from those who have begun using Rapid Setup: Does it benefit your company, and have you encountered any issues? Last, will Rapid Setup be supported for the forthcoming updates of IdentityIQ?
I have implemented the Rapid-Setup Lifecycle Process for multiple customers in the past 2–3 years and, till now, haven’t faced any need to switch back to the original joiner or leaver events.
There are multiple advantages to using rapid setup events:
1.) Easy to configure.
2.) Assigning birthright roles.
3.) Creating a new account on each application that has account-only provisioning enabled (if no account
exists yet).
4.) Notifying the manager of the results of provisioning.
5.) Optionally, notify the manager when a temporary password is generated.
6.) Optional post-joiner rule
Similarly, for Rapid leaver, we can remove identity’s assigned roles, scramble the identity’s password, and post-leaver rule.
Also, now they have provided a threshold feature to prevent any mass joiner or leaver from getting triggered.
post-leaver rule, do you know when can I grab some more info about this?
we want to modify an attribute inside the identity cube to mark it as inactive state
In SailPoint Rapid Setup, We have the additional option for Post Joiner and Post Leaver Rule.
As per documentation:
Post Joiner Rule:
In the joiner process, after enabling joiner processing globally, we can set various parameters, including the option to execute a post joiner rule.
This rule allows us to run custom actions at the end of the joiner process, such as additional checks or notifications. We can select this from available rules of type PostLifecycleJoiner Configuration.
Post Leaver Rule:
Similarly, the leaver process can be configured globally where wr can decide on various actions like disabling or deleting accounts, reassigning roles, and more.
A key feature here is the post leaver rule, which can be applied to manage actions after the standard leaver process is completed. For ex including specific business logic or cleanup activities. I am using it particularly to move specific privilege groups after leaver process.
I tried sharing this information to our developer and were able to update a field on identity cube. Example inactive = false to true and employee status = active to inactive
But when we run the refreshed it reverse back to old status.
I have some delimited application entitlements in the rapid birth right role. When the role gets assigned to a user, work items are not being generated. Does the Rapid birth right support inclusion of delimited app entitlements?
I have been using RapidSetup since its inception for clients, including new installations and some conversions from SSF and AP to RS. There are some quirks but I have a standard setup that I use and it works great for me. To me it saves some time with the workflows, so I don’t have to write code for every function point. RS satisfies so much of what clients ask for.
Birth right roles are assigned during event trigger, if you try to add new birth right roles as you onboard the new applications, access will not be granted to existing users as the event already triggered for them
Related to Birth right roles, if the event failed with out assigning birth right roles, then they will not be automatically assigned during next refresh, rather we need to manually assign them.
