This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to properly implement the proccess to make a Identity Manager automated (system) Fulfillment through Access Request

Hi, community.

The scenario I'm facing is, when a Access Request is made and the manager and owners approved, the access requested must be granted to the Initiator without manual intervention. 

I followed the course instructions from Identity Governance and Administration (IGA) Academy and configured the Fulfillment Target of the application to Identity Manager automated (system). However, nothing occurs after the collection + publish, neither the access is granted in the IDM side and neither is show on the Current Access of the user. Also, I could not find any logs towards these changes in the IDM side, not in the driver of this application and neither in catalina.out from UserApp logs.

The requested access keep showing in Fullfillment -> Requests of the Fullfillment Administration User after the collection + publish.

Is there another configuration necessary? Where can i see the logs of these?

Parents
  • 0  

    Did you use the "Identity Manager AE Permission" Collector as an application collector?

    Also you need to configure the following connection information for the provisioning under the "Configuration" tab

    As Diego mentioned, under "Fulfillment/Configuration/Application setup" all the applications need to have "Identity Manager automated (system)"

  • 0   in reply to   

      That is incorrect.  The settings under Configuration -> Identity Manager Configuration  is only utilized for the "IDM Workflow" fulfillment.  The IDM Automated fulfillment utilizes the IDM AE Permission Collector (which means you can only have one (1) IDM AE application source per IG Install

    Sincerely,
    Steven Williams
    Principal Enterprise Architect
    OpenText Cybersecurity

  • 0   in reply to   

    I will not argue against it logically, but in a customer installation, automated fulfillment did not work until this setting was successfully configured.

    There were problems with the address entered there and when we changed it, the fulfillments also worked successfully. But these are now only observations of the one installation and could also have been more a coincidence.

Reply
  • 0   in reply to   

    I will not argue against it logically, but in a customer installation, automated fulfillment did not work until this setting was successfully configured.

    There were problems with the address entered there and when we changed it, the fulfillments also worked successfully. But these are now only observations of the one installation and could also have been more a coincidence.

Children
  • 0   in reply to   

    Hello Tobias,

        The IDM Automated Fulfillment only looks at the IDM AE Permission Collector for how to call back to IDM.   If you experienced something else, then a Service Request should be created for us to investigate.  

    Sincerely,
    Steven Williams
    Principal Enterprise Architect
    OpenText Cybersecurity

  • 0   in reply to   

     If your fallback for the IDM Automated is IDM Workflow, then yes you are correct that the information in Configuration -> Identity Manager Settings is needed.  However, if the fallback is manual it is not.

    Sincerely,
    Steven Williams
    Principal Enterprise Architect
    OpenText Cybersecurity