Retention time for pending changes
Table 30: Configuration parameters
| QBM | PendingChange | LifeTimeError |
This configuration parameter specifies the maximum retention period (in days) for failed provisioning processes. Default is 30 days. |
| QBM | PendingChange | LifeTimeRunning |
This configuration parameter specifies the maximum retention period (in days) for open provisioning processes. Default is 60 days. |
| QBM | PendingChange | LifeTimeSuccess |
This configuration parameter specifies the maximum retention period (in days) for successful provisioning processes. Default is 2 days. |
Pending changes are saved for a fixed period. After this period has expired, the entries are deleted by the DBQueue Processor from the QBMPendingChange and QBMPendingChangeDetail tables. The retention period depends on the status of provisioning processes and can be configured in the configuration parameter. The retention periods apply to both automatic and manual provisioning processes.
To configure the retention period for pending changes
- To change the retention period for successful provisioning processes, in the Designer, edit the value of the "QBM | PendingChange | LifeTimeSuccess" configuration parameter.
- To change the retention period for failed provisioning processes, in the Designer, edit the value of the "QBM | PendingChange | LifeTimeError" configuration parameter.
- To change the retention period for open provisioning processes, in the Designer, edit the value of the "QBM | PendingChange | LifeTimeRunning" configuration parameter.
- Enter a retention period in days.
Configuring manual provisioning
|
|
WARNING: Data may be lost through inconsistencies.
If you select manual provisioning, you must ensure that changes from the One Identity Manager database are transferred quickly to the cloud application using suitable manual processes.
Ensure that data between the cloud application and the One Identity Manager database is synchronized regularly and quickly. To do this, set up synchronization through the SCIM connector. If this is not possible, you can synchronize using the CSV connector. |
Manual provisioning permissions are configured in the cloud application. Pending manual provisioning processes for this cloud application are displayed in the Web Portal. Operators can transfer pending changes to cloud application using this overview and then mark them as done. Auditors can check pending and completed provisioning processes in the Web Portal.
To configure manual provisioning
- Edit the cloud application's master data.
- Set the option Manual provisioning.
- Assign the operators who are permitted to edit the open provisioning processes in the Web Portal.
- Specify the auditors who are authorized to check manual provisioning processes in the Web Portal.
Detailed information about this topic
For more detailed information about synchronizing using the CSV connector, see the One Identity Manager CSV Connector User Guide.
Managing provisioning processes in the Web Portal
You can use the Web Portal to display pending manual provisioning processes for cloud applications. Operators can transfer pending changes to cloud application using this overview and then mark them as done. Auditors can check pending and completed provisioning processes in the Web Portal.
Users can view or manage their entitlements, provisioning processes in the Web Portal, depending on which application roles they own. For more information, see One Identity Manager users for managing cloud applications.
To log into the Web Portal
- Type the Open URL in the address bar to Web Portal the Web Portal page.
By default the URL is http: //<server name>/<application name>, where <server name> is the computer on which the Web Portal is installed.
- Enter your complete login name in the Login name field.
- Enter your password in the Password field.
- Click Log in.
For more detailed information on login languages, see the Web Portal in the One Identity Manager Web Portal User Guide.
Detailed information about this topic
Editing pending provisioning processes
If you are an operator, you can edit pending provisioning processes in the Web Portal. A provisioning process is a work order for an operator to carry out an operation on a target system. There are the following target objects
Table 31: Target objects
| User account |
| Group |
| Assignment |
NOTE: Administrators can also carry out pending provisioning processes.
The processes displayed in descending order by date with object names and a description of the operation in the Pending cloud operations view. The operation type is displayed in the Operation view in the detailed information about the marked process. There are the following operation types.
Table 32: Operation types
| New object |
Create a new object. |
| Change |
Set a value in the target system. |
| Deletion |
Delete an object. |
Detailed instructions are given in the operation detail for every requested operation labeled with 
. If several pending processes exist for one target object, you handle the processes in the order in which they arrived. That means the oldest process must be handled first.
To edit a pending provisioning process
- Open the Pending Cloud Operations menu on the Web Portal's start page.
- Mark the desired provisioning process in the Pending Cloud Operations view.
NOTE: If several operations are list under each other for the pending process marked in the operation detail, edit the first operation.
- Carry out the instructions.
- Click Mark as Done.
This causes the completed provisioning process to disappear from the Pending Cloud Operations view.
