search cancel

When assigning Provisioning roles via Policy Xpress, why is the roles search not returning all roles?


Article ID: 40903


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



Policy Xpress can be used to assign provisioning roles to users based on certain conditions. When configuring an action, you can browse to existing provisioning roles to assign. 


When browsing for Provisioning roles in a Policy Xpress action, why doesn't the search return all the roles? 


Applies to all Identity Manager Environments. 


By default, the search screen for the Action Rules tab in 'Modify Policy Xpress Policy' and the 'Create Policy Xpress Policy' tasks has search screen "Default Provisioning Role Search". This returns only the roles that have an owner and are in scope for the current logged in user. To return all roles, set the search screen to be 'Default Provisioning Role All Search' to return all roles. 

1. In The IM user console, go to Roles and Tasks-> Modify Admin Task.

2. Search for and select the 'Create Policy Xpress Policy' task.

3. In the Tabs tab, click on the 'Action Rules' tab

4. Change the Provisioning Role Search Screen to ''Default Provisioning Role All Search'

5. Save the task. Repeat for the 'Modify Policy Xpress Policy' task. 

<Please see attached file for image>


Additional Information:



Component: IDMGR


1558719791442000040903_sktwi1f5rjvs16vfl.png get_app