There are situation when privilege assignment gets failed, say the target application was unavailable at the time of original privilege assignment. It is nice to have a job to re-attempt the failed provisioning at a later stage once the target is up or any provisioning flow is corrected.
Following are the detailed steps to have such job created
Create New -> Empty Job and name it as ‘Retry failed assignments’
Make sure the job is enabled and has corresponding dispatcher mapped as below
Now include a ‘To Generic’ pass to the job
In the source tab fill the ‘Database’ and ‘SQL statement’ fields
SELECT mcThisMSKEY, mcOtherMSKEY FROM idmv_link_ext WHERE mcExecState = ‘4’ AND mcThisOcName = ‘MX_PERSON’ AND mcOtherOcName = ‘MX_PRIVILEGE’
Here mcExecState=4 will retrieve all failed assignments
In the destination tab select ‘Next data entry’ as ‘Recon’ script and configure the necessary attributes as below
uRetryPrivilegeAdd function retries a privilege assignment for a given entry.
// Main function: Recon
OutString = uRetryPrivilegeAdd(Par.get(“mcThisMSKEY”), Par.get(“mcOtherMSKEY”));
mcThisMSKEY – MSKey of the user.
mcOtherMSKEY – MSKey of the privilege.
OutString – Empty string or error message prefixed with !ERROR:.
This can be set as a periodic scheduled job that retries all failed privileges.