ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How to avoid the default delete organization behavior from TEWS calls

book

Article ID: 228124

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

When making a TEWS call to remove an organization (see example below), the default behavior is to remove ALL organizations.  Is there a way to avoid this?

 

Example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
<soapenv:Header/>
<soapenv:Body>
<wsdl:FSSDeleteOrganization>
<wsdl:FSSDeleteOrganizationSearch>
</wsdl:FSSDeleteOrganizationSearch>
</wsdl:FSSDeleteOrganization>
</soapenv:Body>
</soapenv:Envelope>

 

 

Environment

Release : 14.3 CP2

Component : IdentityManager

Resolution

To avoid this you need to use the filter element (Example below).

 
 
The above request removes all organization, but we want to fail because the filter element is missing. 
Only requests like must be possible:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
  <soapenv:Header/>
  <soapenv:Body>
    <wsdl:FSSDeleteOrganization>
      <wsdl:FSSDeleteOrganizationSearch>
        <wsdl:Filter index="?">
          <wsdl:Field>%ORG_NAME%</wsdl:Field>
          <wsdl:Op>EQUALS</wsdl:Op>
          <wsdl:Value>123456</wsdl:Value>
        </wsdl:Filter>
      </wsdl:FSSDeleteOrganizationSearch>
    </wsdl:FSSDeleteOrganization>
  </soapenv:Body>
</soapenv:Envelope>

 

 

Additional Information

There is no safeguard mechanism, in the TEWS call.  If the filter is not specified all organizations will be deleted.  However, customers can develop their own event listeners.  For more information please refer to the product documentation (link below).

 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/configuring/advanced-settings/business-logic/event-listeners.html