How to restrict the Delegation of Tasks to Employees Only
Article ID: 186057
Updated On:
Products
CA Identity Manager
CA Identity Portal
CA Identity Suite
Issue/Introduction
How can the delegation feature in Identity Portal be limited to only allow delegation to Employees who are also members on the same team, i.e. users with the same manager?
Environment
Release : 14.x
Component : SIGMA-Identity Suite
Resolution
Add a User Search to the Delegation section under Settings > General Configuration in the IP AdminUI that will enable you to filter the users that can be searched for.
For example, creating a search with a filter such as the below will allow searching for all Employees who report to the logged in user.
All of the following are true
User Attribute "User Type" Equals "Employee"
AND
Logged-in user attribute "UserId" Equals "User's Manager"
To get users with the same manager you could use something like:
User Attribute "Manager" Equals <manager id>
To get users on the same team, if there is an attribute containing the team name, e.g. Division, the filter could include:
User Attribute "Division" Equals <team name>
For example, creating a search with a filter such as the below will allow searching for all Employees who report to the logged in user.
All of the following are true
User Attribute "User Type" Equals "Employee"
AND
Logged-in user attribute "UserId" Equals "User's Manager"
To get users with the same manager you could use something like:
User Attribute "Manager" Equals <manager id>
To get users on the same team, if there is an attribute containing the team name, e.g. Division, the filter could include:
User Attribute "Division" Equals <team name>
Feedback
Yes
No
Powered by
