Hi All,
In this report we are going to learn about how to get the report that users got terminated and disabled the AD account as part of leaver. Here, I am using AuditEvent because while the leaver is triggering, we have enabled or added the audit evnts for disabling the AD account as part of leaver. So, I am going to get the report using the Filter type using the AuditEvent class. You can add how many and what columns you want in the report by adding render script for the columns.
Custom form:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Form PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Form name="BPK Disable AD Terminate Report Custom Form" type="Report">
<Section columns="2" label="Report Form" name="customProperties">
<Field columnSpan="1" displayName="Start Date" helpKey="startDate" name="creationStartDate" type="date" value="ref:creationStartDate"/>
<Field columnSpan="1" displayName="End Date" helpKey="startDate" name="creationEndDate" type="date" value="ref:creationEndDate"/>
<Field columnSpan="1" displayName="Application" helpKey="Name of the application requested for" name="application" type="radio" value="ref:application">
<AllowedValues>
<String>Active Directory</String>
</AllowedValues>
</Field>
<Field columnSpan="1" displayName="Action" helpKey="Action on the application" name="action" type="radio" value="ref:action">
<AllowedValues>
<String>Disable</String>
</AllowedValues>
</Field>
</Section>
</Form>
Taskdefinition:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE TaskDefinition PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<TaskDefinition executor="sailpoint.reporting.LiveReportExecutor" name="BPK Disable AD Terminate Report" progressMode="Percentage" resultAction="Rename" template="true" type="LiveReport">
<Attributes>
<Map>
<entry key="report">
<value>
<LiveReport title="Application Access Request Report">
<DataSource objectType="sailpoint.object.AuditEvent" type="Filter">
<QueryParameters>
<Parameter argument="creationEndDate" operation="LE" property="created">
<ValueScript>
<Source><![CDATA[
log.error("Account Access Requests::end date value is ::"+value);
return value;
]]></Source>
</ValueScript>
</Parameter>
<Parameter argument="creationStartDate" operation="GE" property="created">
<ValueScript>
<Source><![CDATA[
log.error("Account Access Requests::start date value is ::"+value);
return value;
]]></Source>
</ValueScript>
</Parameter>
<Parameter argument="application" operation="EQ" property="application">
<ValueScript>
<Source><![CDATA[
log.error("Type of request ::"+value);
return value;
]]></Source>
</ValueScript>
</Parameter>
<Parameter argument="action" operation="EQ" property="action">
<ValueScript>
<Source><![CDATA[
log.error("Type of request ::"+value);
return value;
]]></Source>
</ValueScript>
</Parameter>
</QueryParameters>
</DataSource>
<ReportForm>
<Reference class="sailpoint.object.Form" name="BPK Disable AD Terminate Report Custom Form"/>
</ReportForm>
<Columns>
<ReportColumnConfig field="id" header="ID" property="id" sortable="true" width="110"/>
<ReportColumnConfig field="Account Name" header="Account Name" property="accountName" sortable="true" width="110"/>
<ReportColumnConfig field="Action" header="Action" property="action" sortable="true" width="110"/>
<ReportColumnConfig field="application" header="Application" property="application" sortable="true" width="110"/>
<ReportColumnConfig field="created" header="Date" property="created" sortable="true" width="110"/>
<ReportColumnConfig field="target" header="Target" property="target" sortable="true" width="110">
<RenderScript>
<Source><![CDATA[
import sailpoint.object.Identity;
String returnValue = "";
Identity identity =context.getObjectByName(Identity.class, value);
if(identity != null && identity.getStringAttribute("displayName") != null)
{
returnValue = identity.getStringAttribute("displayName");
}
return returnValue;
]]></Source>
</RenderScript>
</ReportColumnConfig>
<ReportColumnConfig field="employeeNumber" header="Employee Number" property="target" sortable="true" width="110"/>
<ReportColumnConfig field="userID" header="UserID" property="target" sortable="true" width="110">
<RenderScript>
<Source><![CDATA[
import sailpoint.object.Identity;
String returnValue = "";
Identity identity =context.getObjectByName(Identity.class, value);
if(identity != null && identity.getStringAttribute("userID") != null)
{
returnValue = identity.getStringAttribute("userID");
}
return returnValue;
]]></Source>
</RenderScript>
</ReportColumnConfig>
<ReportColumnConfig field="endDate" header="End Date" property="target" sortable="true" width="110">
<RenderScript>
<Source><![CDATA[
import sailpoint.object.Identity;
String returnValue = "";
Identity identity =context.getObjectByName(Identity.class, value);
if(identity != null && identity.getStringAttribute("endDate") != null)
{
returnValue = identity.getStringAttribute("endDate");
}
return returnValue;
]]></Source>
</RenderScript>
</ReportColumnConfig>
</Columns>
</LiveReport>
</value>
</entry>
</Map>
</Attributes>
<Description>Displays about application termination disable AD account requests</Description>
<RequiredRights>
<Reference class="sailpoint.object.SPRight" name="FullAccessAccountGroupMembershipReport"/>
</RequiredRights>
<Signature>
<Inputs>
<Argument name="creationStartDate" type="date">
<Description>report_provisiong_date</Description>
</Argument>
<Argument name="creationEndDate" type="date">
<Description>report_provisiong_date</Description>
</Argument>
<Argument name="application" type="String">
<Description>Name of the application requested for</Description>
</Argument>
<Argument name="action" type="String">
<Description>Action on the application</Description>
</Argument>
</Inputs>
</Signature>
</TaskDefinition>
All you have to do is select the start and end dates. You can also leave the end date so that you will get all requests from the start date to the till date. And select the application as well.
For more details on reports please find it here.
Feel free to reach out to me if you have any questions. Thank you!