Create User with Two-Stage Approval Workflow
search cancel

Create User with Two-Stage Approval Workflow

book

Article ID: 98329

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

This knowledge doc walks through the steps to build a create user task with a two-stage approval workflow.

Environment

Release:
Component: IDMGR

Resolution

Make sure Workflow is enabled prior to attempting this. 
To enable Workflow:
1) Go to Identity Manager Management Console
2) Select Environments > Your Environment > Advanced Settings > Workflow
3) Select the Enabled checkbox and click Save
4) Click to Restart the Environment

Steps to setup users and roles
1) Login to Identity Manager User console as an admin user
2) Create an admin role owned by the System Manager.  We will call is SysAdmin for the purposes of this document.  Make sure the role is enabled and add your first user to the role.
a. Select Roles and Tasks > Admin Roles > Create Admin Role.
b. Select the Create a new admin role radio button and then click OK
c. Enter SysAdmin into the Name field
d. Select the Enabled checkbox
e. Click the Owners tab
f. Click Add.
g. From the Users drop-down list, select "who are members of <role-rule>.
h. Select admin role <admin-role>
i. Browse, Search and then select System Manager and click OK.
j. Click the Members tab
k. Click Add
l. Select where <user-filter>.
m. Select User ID = User1
n. Click OK and then Submit.

3) Create a group (we will name it Helpdesk) in your Organization and add the admin user you are logged on as in the Administrators tab.  Also add User2 as a member.
a. Click Groups > Create Group
b. Select Create a new group and then click OK
c. For the Org, browse search and select your Organization
d. For the group name, enter Helpdesk
e. click the Administrators tab
f. Click Add a user
g. Search and select your admin user (that you are logged on as)
h. Click the Members tab
i. Click Add a user
j. Seach and select User2
k. Click Submit

Make a copy of the Create User task and assign approvers
4) Select Roles and Tasks > Admin Tasks > Create Admin Task
5) Select Create a copy of an admin task
6) Search and select the Create User task
7) Change the Name field to something descriptive like the following:  Create User Two Stage Approval
8) Change the Tag field to something descriptive like the following:  CreateUserTwoStageApproval
9) Scroll down and click the pencil icon (edit) next to Workflow Process
10) In the Non-Policy Based drop-down list, select TwoStageApprovalProcess
11) Scroll down to the Defautl Approver section and select the following:
Approval Task = Approve Admin Task
Participant Resolver = Group Members
12) Click Add Groups.  Click Search, select Helpdesk group and click Select
13) In the Business Approver section, select the following
Approval Task = Approve Admin Task
Participant Resolver = List of Users
14) Click Add Users.  Click Search, select User3 and click Select
15) Scroll down to the Technical Approver section and select the following:
Approval Task = Approve Admin Task
Participant Resolver = Admin Role Members
16) Click Add Admin Roles.  Click Search, select the SysAdmin Role and click Select
17) Click Ok and then Submit

Add the New Task (Create User Two Stage Approval) to the System Manager role so that this new task is visible to the manage users task category
18) Select Roles and Tasks > Admin Roles > Modify Admin Role
19) Scroll down and select the System Manager role and click Select
20) Click the Tasks tab
21) Scroll to the bottom of the page and in the Filter by category select Users
22) In the Add Task list, select Create User Two Stage Approval.
23) Click Submit

Test the new task
24) Click the Users tab
25) Select Manage Users > Create User Two Stage Approval
26) Select Create a new user and then click OK
27) Enter the new user userid and fill out the rest of the required fields and click submit
28) Wait for the "Task Pending" message to appear
29) Log out and log in as User3.  You will see the Work List. 
30) Click the hyperlink to open the Approval Task screen
31) Click the "View Job" tab to see a diagram of he Workflow job
32) Click approve and click OK
33) Log out and login as User1.  Now User1 should have a Work List item.
34) Click on the hyperlink to open teh Approval Task screen.
35) Click on the "View Job" tab to see how the Workflow diagram has changed.