Workflow refers to a sequence of actions that leads to the completion of a certain task. Active Roles allows administrators to configure various workflows that can be started on a scheduled basis or on user demand. This workflow type is called automation workflow. For more information, see Automation workflow in the Active Roles Administration Guide.
If an automation workflow is configured so that running it on demand is allowed, then such a workflow can be run from the Web Interface.
To run an automation workflow from the Web Interface
-
On the Navigation bar, click Directory Management.
-
On the Tree tab in the Browse pane, expand the Workflow branch and click the container that holds the desired workflow.
-
In the list of objects, select the desired workflow.
-
In the Command pane, click Run.
-
If prompted, review or change the values of the workflow parameters.
-
Click OK in the confirmation message box.
The Web Interface prompts you for parameter values if the workflow has any parameters that need to be supplied by the user running the workflow on demand. If the workflow has no parameters that require user input, then the Web Interface starts the workflow without prompting you for parameter values.
Once you have started an automation workflow, the Web Interface opens a run history report allowing you to examine the progress of the workflow run. The report displays the workflow run status along with information about the activities performed during the run. For a workflow that is in progress, you can cancel its run by clicking Terminate.
After the workflow is completed, the report retains history information about the workflow run. For each completed run of the workflow, the report allows you to identify when and by whom the workflow was started, when the workflow was completed, and what parameter values were used.
The report also lists the workflow activities that were initiated during the workflow run. For each activity, you can determine whether the activity was completed successfully or returned an error. In case of error, the report provides an error description. For activities requesting changes to directory data (for example, activities that create new objects or modify existing objects), you can examine the requested changes in detail by clicking the Operation ID number in the run history report.
To view run history of an automation workflow in the Web Interface
-
On the Navigation bar, click Directory Management.
-
On the Tree tab in the Browse pane, expand the Workflow branch and click the container that holds the desired workflow.
-
In the list of objects, select the desired workflow.
In the Command pane, click Run History.
By using temporal group memberships, you can manage group memberships of objects such as user or computer accounts that need to be members of particular groups for only a certain time period. This feature gives you flexibility in deciding and tracking what objects need group memberships and for how long.
This section guides you through the tasks of managing temporal group memberships in the Web Interface. If you are authorized to view and modify group membership lists, then you can add, view and remove temporal group members as well as view and modify temporal membership settings on group members.
A temporal member of a group is an object, such as a user, computer or group, scheduled to be added or removed from the group. You can add and configure temporal members using the Web Interface.
To add temporal members to a group
-
In the Web Interface, select the group, and then choose the Members command.
-
On the Members page, click Add.
-
In the Select Object dialog, find and select the objects that you want to make temporal members of the group, then click Temporary Access.
-
In the Temporal Membership Settings dialog, select the appropriate options, then click OK:
-
To have the temporal members added to the group on a certain date in the future, select On this date under Add to the group, and choose the date and time you want.
-
To have the temporal members added to the group at once, select Now under Add to the group.
-
To have the temporal members removed from the group on a certain date, select On this date under Remove from the group, and choose the date and time you want.
-
To retain the temporal members in the group for indefinite time, select Never under Remove from the group.
NOTE: You can make an object a temporal member of particular groups by managing the object rather than the groups. Select the object, and then choose the Member Of command. On the Member Of page, click Add. In the Select Object dialog box, find and select the groups, and specify the temporal membership settings as appropriate for your situation.
In the list of group members displayed by the Web Interface, you can distinguish between regular and temporal group members. It is also possible to hide or display so-called pending members, the temporal members that are scheduled to be added to the group in the future but are not actual members of the group so far.
To view temporal members of a group
-
In the Web Interface, select the group, and then choose the Members command.
-
Review the list on the Members page:
-
An icon of a small clock overlays the icon for the temporal members.
-
If the Show pending members check box is selected, the list also includes the temporal members that are not yet added to the group.
The list of group memberships for a particular object makes it possible to distinguish between the groups in which the object is a regular member and the groups in which the object is a temporal member. It is also possible to hide or display so-called pending group memberships, the groups to which the object is scheduled to be added in the future.
To view groups in which an object is a temporal member
-
In the Web Interface, select the object, then choose the Member Of command.
-
Review the list on the Member Of page:
-
An icon of a small clock overlays the icon for the groups in which the object is a temporal member.
-
If the Show pending group memberships check box is selected, the list also includes the groups to which the object is scheduled to be added in the future.