IT Shop products can only be requested once as a rule. If a product is assigned to a customer, then it cannot be requested a second time. Furthermore, an employee might need several of one type of company resources, for example, consumables. Such company resources can be stored as multi request resources in One Identity Manager.
Request Sequence of Multi-Request Resources
The request is only saved in the table PersonWantsOrg. No entry is added to the table PersonInITShopOrg.
The resource cannot be canceled by the customer.
Request Sequence of Multi-Requestable/Unsubscribable Resources
The request is only saved in the table PersonWantsOrg. No entry is added to the table PersonInITShopOrg.
The resource can be unsubscribed through the Web Portal.
|
TIP: A customer specific implementation of a process with the root object PersonWantsOrg for the result OrderGranted can be made in order to start a specified action when a multiple product is approved. For more detailed information about defining processes, see One Identity Manager Configuration Guide. |
Customers keep their requested products on the shelf until they unsubscribe them themselves. In this way, a membership in a target system group, for example, may only be valid for the period of the project. Products that are intended have a limited shelf-life need to be labeled with the validity period. For more information, see Products with a Limited Request Period.
One Identity Manager calculates the date and time of requests for products with limited time periods (request's Valid until/expiry date) from the current date and the validity period stored with the service item. This deadline can be adjusted when the request is made.
As soon as a request is approved by all approvers, the expiry date is recalculated from the actual date and the validity period. This ensures that the validity period is valid from the day of assignment.
A valid from date can also be entered at the time of request. This specifies the point the an assignment starts to apply. If this date is given, the expiry date is calculated from the Valid from date and the validity period. If the validity period has already expired when approval is granted, the request can no longer be approved. The request is canceled and an error message is displayed.
Cancellations can include a validity period, which means a deadline for the cancellation is set for unlimited requests. The expiry date for requests with a validity period can, therefore, be changed in this way; the validity period of the product then becomes invalid. Once the cancellation has been granted approval, the cancellation's validity period is taken as the new expiry date of the request.
The request recipient receives a message before reaching the expiry data and has the possibility to extend the period. For more information, see Limited Period Request Sequence. The request is aborted once the expiry date has been reached.
The customer has the option to renew a request. If the customer uses this option the extension (as in the original request) needs to approved through an approval process. If the extension is denied, the original request runs out at the given date. You can also limit renewals in the same way.
A limited request could follow a sequence like this:
Service item | Validity period: 90 days |
Requested on: 1/2/2017 | Valid until: 4/1/2017 11:59 PM |
Approved on: 1/5/2017 | Valid until: 4/5/2017 11:59 PM |
Renewed until: 3/31/2017 | Renewal valid until: 4/30/2017 12:00 PM |
Approved on: 4/2/2017 | Valid until: 4/30/2017 12:00 PM |
Canceled on: 4/10/2017 | Canceled from: 4/14/2017 |
Approved on: 4/11/2017 | Valid until: 4/11/2017 11:59 PM |
DBQueue Processor checks whether the request's expiry date has passed using a scheduled One Identity Manager task, which compares it against to the current UTC time. If the expiry date has passed, the request is aborted; the resulting assignments removed.
|
NOTE: Ensure that times in the One Identity Manager tools, for example the Web Portal, are in the user's local time. |
If a customer has requested a product with a limited validity period, the validity period must be tested for validity in subsequent requests for this product for the same customer. If the validity period is not in effect, the request is not permitted. By default, new requests are permitted if they fall in a time period that is not covered by another pending request. However, the validity periods of different requests may not overlap. You can define the desired behavior for the validity period over configuration parameters.For more information, see Checking Request Validity Periods.
Configuration parameter | Meaning |
---|---|
QER\ITShop\GapBehavior | Defines behavior when checking the validity period of new requests. |
QER\ITShop\GapBehavior\GapDefinition | This configuration parameter specifies which requests are checked. |
QER\ITShop\GapBehavior\GapFitting | This configuration parameter specifies whether validity periods of two or more pending requests can overlap. |
If a customer has requested a product with a limited validity period, the validity period must be tested for validity in subsequent requests for this product for the same customer. If the validity period is not in effect, the request is not permitted. By default, new requests are permitted if they fall in a time period that is not covered by another pending request. However, the validity periods of different requests may not overlap. You can define the desired behavior for the validity period over configuration parameters. The configuration parameters are set by default. In this check, all requests of the same product for the the same request recipient are taken into account even if the product can from different shelves.
To define differing behavior
Set the desired option for the configuration parameters "QER\ITShop\GapBehavior\GapDefinition" and "QER\ITShop\GapBehavior\GapFitting" in the Designer.
Option | Description |
---|---|
0 | Only pending requests are taken into account by the check. (default) |
1 | Only approved requests are taken into account by the check. |
2 | Only assigned requests are taken into account by the check. |
Option | Description |
---|---|
0 | Validity periods can overlap. (default)
A new request is accepted if its validity period fits into at least one free time slot between between two existing requests. |
1 | Validity periods cannot overlap.
A new request is accepted if its validity period fits exactly into a free time slot between between two existing requests. |
2 | The validity period is not checked.
A request is accepted even if there is already a request for the same validity period. |
If the configuration parameters are disabled, One Identity Manager behaves as in option 0.
Figure 11: Example of Possible Validity Period for GapDefinition = 0 and GapFitting = 0
Figure 12: Example of Possible Validity Period for GapDefinition = 1 and GapFitting = 1
If a customer requests a product from a shop or shopping center and then changes to another at a later date, the product request is closed and the product is canceled. The same applies if a requested product is moved to another shelf.
You can label product service items with the option Retain service item assignment on relocation to retain their requests when they relocate. All open or approved requests in the shop being left, are transferred to any shop in which the employee is a customer and which contains the requested products. In connection with this, open requests are reset, that means the request have to go through the approval process from the beginning again.
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy