AnsweredAssumed Answered

IGL 7.x - any control over removal of accounts and entitlements

Question asked by Andy Cheek on Sep 13, 2019
Latest reply on Sep 24, 2019 by Andy Cheek

Slightly vague question title (apologies) but essentially the scenario is as follows:

  • User has an account A for application X, with multiple associated entitlements (E1, E2, E3, etc.)
  • The user's Access page will list the account AND the entitlements, all with Remove buttons next to them
  • Line Manager comes in and selects to remove the account (A) and SOME of the associated entitlements (E2 & E3)
  • This leaves E1 (at least) as NOT removed

 

This doesn't make sense - if you want to remove the account then surely ALL the entitlements should be removed as well; if you want to remove only SOME of the entitlements then you wouldn't want the account to be removed.

 

I don't believe IGL makes any attempt to detect, prevent or even warn the end user about this apparent inconsistency, so how do people get round it? 

 

What options/approaches has anyone adopted to try and make sense of this kind of scenario?

Outcomes