Using Bulk Task to trigger Policy Xpress policy sending Email notification
search cancel

Using Bulk Task to trigger Policy Xpress policy sending Email notification

book

Article ID: 135914

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

I want to configure Identity Manager to send email notification before expiry date of contractors to their corresponding managers. Is this possible? How can we do that?

Environment

Release : 14.x

Component : CA IDENTITY MANAGER

Resolution

Yes, this is possible. We can utilize Bulk Task and Policy Xpress (PX) policy to achieve this objective. Bulk Task can be scheduled to run daily to filter the contractors based on expiry date attribute. So Bulk Task will generate expiring contractors population daily. The Task which is set in Bulk Task should trigger PX policy which sends email notification to the manager of each contractor. The assumption is the email address of contractor's manager has been set in the contractor user attribute so that PX policy can get the data.

 

One hurdle is how we can trigger "Submitted Task" Policy Type PX policy if we don't want to modify any user or contractor's data within Bulk Task. Read only task such as "View User" is not applicable for Bulk Task. In this case, we can use duplicate of out-of-the-box "Modify User" task to be set within the Bulk Task and configure the task's Profile tab to enable  "Always generate event even when no attributes have changed" option.

 

So here are the steps.

 

1. Identify contractor's contract expiry date and manager's email address attributes within User Directory.

 

2. Create a custom duplicate of out-of-the-box "Modify User" task, name it appropriately, remove unnecessary tabs but Profile tab. Open (click the pen icon) Tabs tab -> Profile tab and select the following box
      "Always generate event even when no attributes have changed"


   

     This will make this task execution reach a "completed" state even though there is no user attribute being modified during execution of Bulk Task.

 

3. Add the created custom task to the appropriate Admin Role so that the user who configures Bulk Task has the privilege to run the task.

 

4. Create Bulk Task Definition, set User as Object Type and the created custom task within the Bulk Task Profile without specifying any attribute to modify. In the Population tab, set appropriate filters based on contractor's expiry date attribute and timing you wish to send the email notification.

 

5. Create PX policy that has "Submitted Task" Policy Type with Event State set as Task completed for the created custom task above in its Events tab. Configure the PX policy to get manager's email address attribute data and other required contractor attributes data. Then in its Action Rules configure an Action to send email (Category = Mail, Type = Send Email Message, Function = Email) to the manager's email address.

 

6. Schedule to run the Bulk Task execution daily.

Additional Information

Policy Xpress

Modify Multiple Objects (Bulk Modify)

Powered by Wolken Software