Hi Experts,
We have a user who already have access to AD entitlements : Test_Admins, Test_Users. Now we created a role named : TEST AD ROLE with no assignment criteria and then added both the entitlements to the role. My expectation was when I stage the campaign with TEST AD ROLE, It has to show me all the identities that has access to the 2 ents. But it is not working as expected.
Roles do not work that way. Roles will only populate Identities based on the Assignment, or if they are requestable and someone has requested it.
You could create an Access Profile with the 2 entitlements, then run a certification campaign just on that Access Profile. Then it will show all the Identities with both of those entitlements.
Hi @chandramohan27 ,
Adding entitlements to a Role won’t assign the Role to any identities.
Roles can be assigned to identities either via request or by assignment criteria.
Remove the entitlements from the role and try giving a criteria like if user has that source entitlement then assign users to this role (criteria type as entitlement, select source name, select equals operation, provide the entitlement name), so that users will be assigned with this role. Then do a certification for this role.
Thanks
For more information on this topic.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.