How to extract delegation dates and email to person who is delegated
search cancel

How to extract delegation dates and email to person who is delegated

book

Article ID: 38625

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

How would you retrieve the delegation date period to email a person?

Unfortunately, this can not be done at this time using the email policy method. This can only be done using the email template method. The start and end dates are stored in the User Store and you should use the APIs in order to retrieve this information.

Environment

Release: CAIDMB99000-12.6.7-Identity Manager-B to B
Component:

Resolution

If you would like to email a person who has been delegated telling them that: 
They have been delegated to approve tasks on behalf of <initiator> and 

In case the delegation is limited to a time frame (start and end dates) then let them be aware of the time frame. 
You will run into a problem that the start and end dates are not retrieved by the email policy method. 

Below is an explanation of how you can extract this information to use in an email template (using the template method): 

The delegate's name, delegation start date and enddate will be stored in the User Attribute 'Delegators (%Delegators%)' for the delegators in the userstore. This information will be stored in the below format (assume it is LDAP user store) 

Eg: 

uid=SuperAdmin,ou=People,ou=Employee,ou=NeteAuto,dc=security,dc=com#%134813382 
0000#%1348738620000 

the start date and end date will be there in the epoch value format. If we can extract the delegate's uid using custom Data fields, we can filter the start date and end date from the delgator's 'Delegators' user attribute. 

Create an email policy with the below details 

Policy Type - Submitted Task 

Events: 

Event State - Task Completed 

Event Name - Out of Office Assistant (outOfOffice) 

To get the delegate's uids, create the below Data elements. 

Create a Data Element to get the initiator DN: 

Enter name - InitiatorDN 
Category - Tasks and Events 
Type - Task Information 
Function - Initiator's DN 


Create a Data Element to get Delegator's DN: 
Name - DelegatedToDN 
Category - Data Sources 
Type - LDAP Query 
Function - Get Filtered Object Values 
Fill the LDAP store details 
Enter Search Filter - (homePostalAddress=*InitiatorDN*) 
Attribute Name - uid 


Create a Data Element to get the 'Delegators' field value which will have 
delegate's name, startdate and enddate" 
Name - GetDelegateValue 
Category - Data Sources 
Type - LDAP Query 
Function - Get Filtered Object Values 
Fill the LDAP store details 
Enter search filter - (uid={'DeletegatedTODN'}) 
Attribute Name - homePostalAddress 
'GetDelegateValue' will give the value like - 
uid=SuperAdmin,ou=People,ou=Employee,ou=NeteAuto,dc=security,dc=com#%134813382 0000#%1348738620000

on 'GetDelegateValue', we can use category 'General > String Search' to extract the start date and end date. The date epoch value can be converted into appropriate date format using external code option in the Action Rules tab. 



This information is also available as tech doc 582840 on CA's support web site:
https://support.ca.com/irj/portal/kbtech?docid=582840

Powered by Wolken Software