Symantec IGA

 View Only
  • 1.  Identity Suite - vApp 14.2 - IM PX issue with SQL data element

    Posted Aug 08, 2019 05:42 AM
    Hi Guys,
       I am using IM (vApp 14.2) to manage a customer request.
    Customer need me to get the Approved ID, if any WF is in place during the assign/revoke PR event, and simply put it in an external db table.
    To make things easier at the beginning I just defined a PX based on Completed event (assign/revoke Provisioning Role Event) and, using the taskSessionID written in a session attribute by a blth, I issued the following 3 SQL statement:
    - IDM : get the EventID from im tables using the event_name and the taskID
    - IDM : get the optional WFID in case a WF is in place
    - WPDS : get the approver ID from WPDS tables using the WFID obtained in 2nd step or return a default 'no approvers'

    The approver ID has been put in a simple VST message!


    All 3 queries were tested succesfully and no errors are generated during execution of the policy.

    IM task, unfortunately, when the PX is fired, remains in "pending" state (both assign/revoke provisioning role event and the user synch) and nothing can unlock the process unless i remove the "Approver ID" data element from any action of the PX and restart IM service (jboss).
    This happen for every data element read using a SQL query and put in any action of the Event based policy.

    Anybody has any suggestion on what could be the root cause of this problem or already faced this on vApp?

    I am talking about vApp because on my loval virtual machine hosting IM 14.2 this doesn't happen and the PX works fine!

    Best regards,
    Claudio


    ------------------------------
    Claudio Cordaro
    ------------------------------


  • 2.  RE: Identity Suite - vApp 14.2 - IM PX issue with SQL data element
    Best Answer

    Broadcom Employee
    Posted Aug 08, 2019 12:03 PM
    It could be that there is some data locking based on the timing of the task/event and PX operations.

    What was your account sync setting on the task? Please try with acct sync =on every event and acct sync = on task completion.
    For PX Policy Type, try both Event and Submitted Task.

    Generally we recommend avoiding direct DB queries. As a troubleshooting/workaround try running external java code to execute the queries to DB.