There are situation when privilege assignment gets failed, say the target application was unavailable at the time of original privilege assignment. It is nice to have a job to re-attempt the failed provisioning at a later stage once the target is up or any provisioning flow is corrected.

Following are the detailed steps to have such job created

Create New -> Empty Job and name it as ‘Retry failed assignments’

Make sure the job is enabled and has corresponding dispatcher mapped as below

Now include a ‘To Generic’ pass to the job

In the source tab fill the ‘Database’ and ‘SQL statement’ fields

Query:

SELECT mcThisMSKEY, mcOtherMSKEY FROM idmv_link_ext WHERE mcExecState = ‘4’ AND mcThisOcName = ‘MX_PERSON’ AND mcOtherOcName = ‘MX_PRIVILEGE’

Here mcExecState=4 will retrieve all failed assignments

In the destination tab select ‘Next data entry’ as ‘Recon’ script and configure the necessary attributes as below


uRetryPrivilegeAdd  function retries a privilege assignment for a given entry.


// Main function: Recon

function Recon(Par){

      OutString = uRetryPrivilegeAdd(Par.get(“mcThisMSKEY”), Par.get(“mcOtherMSKEY”));

      uInfo(OutString);

}

mcThisMSKEY – MSKey of the user.

mcOtherMSKEY –  MSKey of the privilege.

OutString – Empty string or error message prefixed with !ERROR:.

This can be set as a periodic scheduled job that retries all failed privileges.

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply