Hi everyone,
Just to confirm, they are no way to do a compliance on AD Attribute ?
To explain more the situation, we are migrating Microsoft FIM in RSA IGL. On FIM, where an attribute was changed on AD but does not equal the value on FIM, FIM push the correction. Like that, FIM is the authority source which depend on HR data by the way.
If I understand, RSA IGL do only push forward so for example if one attribute is modified on the identity, it's pushed to the target. It does not correct attribute on target if someone has changed it and it's not done on the RSA identity. right ?
Thanks.
Hi,
if you want to use custom workflows, you could construct one that gives you a list of identities that have attributes differ in the target system. then loop through all of the identities and the corresponding attributes and pump that all into a provision node. That could loop tons of time and can really pump up the line count in WP_USER_DATA.
Or, slight variation from above, instead of calling a provisioning node, call the createChangeRequest REST webservice. There the advantage is you can pump in lots of change items and not just do a 1:1.
frank