IGL 7 - setting attribute from User Attribute Change rule
The help for User Attribute Change rules states that we can set a managed attribute but gives NO indication or real examples of how you can set the attribute to a non-literal value, e.g. run date.
It says ...
For example, assume the following:
The condition for an attribute change rule detects changes in the departments to which users belong.
A locally managed user date data type attribute, “Last Transfer Date,” is included in the user attribute set.
In this case, you could specify that the action sets the transfer date value to the date when the department change is detected by the rule. A review designer, for instance, could then design a user review that includes only those users who have transferred to another department in the last 30 days as indicated by the value of “Last Transfer Date.”
This is essentially what we want to do … but how do we specify that the managed attribute should be updated with the run date of the rule?
- Community Thread
- Data Collection
- Forum Thread
- Identity G&L
- Identity Governance & Lifecycle
- RSA Identity
- RSA Identity G&L
- RSA Identity Governance & Lifecycle
- RSA Identity Governance and Lifecycle
- RSA IGL
Thanks Boris Lekumovich - does that depend on the TYPE of the managed attribute then? I.e. if the attribute is STRING or INTEGER then the detection date option does not appear? I did wonder if that was the case, since we don't currently have any managed DATE attributes.
Ahah. Have answered my own question - yes it does depend on the attribute type. So that's all good.
I have one more query on the Attribute Change rule though - for "new" users who already have an inactive IGL record (i.e. they were active, then left, and have now rejoined) … does the rule treat that as a new user or an update to an existing user? Put another way - does the rule only work on ACTIVE records, rendering the fact that there was an existing INactive record irrelevant?