I have created the SAP HR Modify Provisioning rule and have mapped it to the sap HR source as in below ss. As data coming from SAP HR system is not handling the input of emails for users we are using transform to write the email as [email protected]
I am trying to refresh the identity from identityprofile and check if this rule is getting triggered or not but in ccg.log I don’t see this rule getting triggered. All the permissions required are set up accordingly. Is there anything that we are missing?Can you please help me with this issue?
Correct these are triggered via attribute sync. However the email address attribute is not populated in the SAP HR system, so as and when the identity is created in our system via aggregation, by identity profile mapping and transform the email is being constructed in identitynow. We are trying to modify values and refresh the identity profile of the user.
Is that the reason the identitynow is not able to pick it as attribute sync and trigger this rule. Is there any other way we can test this?
If nothing is provisioning or this is the first time you are setting up provisioning i would first confirm the provisioning permissions, then the value you are using for native ID. The latest rule requires you use Central Person ID as the native ID.
As we are using Employee Number old rule is working, when we sync the attributes manually, this rule is triggering on users but I am getting the below error.
“Provisioning configured but no provisioning rule present.”
The connector needs both the “povisionRule” and the “saphrModifyProvisioningRule” attributes to work.
If that does not do the trick, try to put them both at the top level of the object, not in the connectorAttributes. I don’t see any documentation that they should go in the connectorAttributes.
Yes adding provisionRule works. I do have one more question, can we modify any other attributes other than email,telephone and systemusername.
Is it possible to update different attribute if I modify this rule to write back different attribute? Could you please let me know about the same?
We are seeing that email, and USRID attributes are being updated and we can see the changes in the accounts tab of user (previousValue:“xyz”, newValue:“abc”). However, once we run the aggregation this value is changing back to previousValue from newValue.
Is there something we are missing? Is this issue with permissions?We do not see any errors and status is shown as success as in below screenshot.