I'm trying to create a rule to provision on all of my users, some groups when users are not members of and should be.
By checking rules description, I found the "User Access" type can answer to my needed with the following :
- Whether one or more users are the only users who do not have access to any of one or more entitlements. For example, you could create a user access rule that determines whether there are users who belong to the purchasing department group who do not have any of the entitlements they should have.
In my case, it's some default groups which need to be provision when member are not gone and are not member of.
I have create an user Access Rule with a user filter (user need to be in working or pre working and need to be out of "Turkey" or "Singapore").
The Users covered result give me 1919 users impacted which is the correct number needed after checking.
But when I'm clicking on "Test" or "Process Rule", it's trying to remove the group of the only member who have the group (me for this example) which is not what I want of course. I want the inverse and it seems the change request option is only about violating users access.
Did I messed something or miss-configure ?
Below the configuration the test result :