9. Provisioning: What's New

(Home)     Previous     Next


1. Version Control Now Has Support for Provisioning Objects

Version control of core and Designer objects were introduced in an earlier version. Now, in Designer 3.0, provisioning objects such as DAL objects, Provisioning request definition objects, team, roles, etc., can all be checked in and out of version control. The Version Control view below illustrates this feature.

The Version Control view has a slightly different hierarchy for provisioning objects. Underneath the User Application entry, you see a node called Components. This is the main node under which all provisioning objects are located. Application Configuration and Locale Configuration are also new nodes in the tree. In general, system objects and unsupported objects are also "visible" in Version Control view.


2. Role Vault Object Methods in Provisioning Request Definition and in Forms

There is a new object which can be accessed and is called RoleVault. The RoleVault object can be accessed anywhere where ECMAScript expressions are allowed in activities. The object can also be accessed from form events. The RoleVault object and its methods have been added to expression builder as well.

In case of provisioning request definition activities, RoleVault in the Expression Builder appear in the right side panel under Vault Expressions. Under Vault Expressions, there are two subcontainers, one of them is the new Role Vault. In addition, these new script methods have been classified under various sub categories, such as Container, Group, Role, SoD and User. an example is illustrated below.



In case of forms, the Role Vault object and its methods appear to the left side and under a generic Vaults object. The structure underneath Role Vault is the same as it was for expressions in activities. an example is shown below.

3. New Attestation Process Type for Provisioning Request Definitions

In addition to Normal, Role Approval, and SoD Approval, there is a new attestation process type PRD. However, these PRDs can't be created or modified by the user. Also a user can't change a process type to the attestation type PRD. Attestation type PRDs are system defined and can be deployed to run attestation reports, etc., on the User Application. Out of the box, there are two system PRDs: the Attestation Report and the Attestation User Profile. The only operation a user can perform is to define the RMB Properties on attestation type PRD in order to modify the email notification choice and to add or remove trustees.

4. Provisioning Request Activities: New Request Role Activity

A new activity, Request Role, has been added. This activity is used to either grant or revoke a Role to a User, Group, or Container.

5. Provisioning Request Activities: New Start Workflow Activity

A new activity, Start Workflow, has been added. This activity is used to start a workflow.

6. Importing Roles Defined in CSV Files

The Role Catalog provides a wizard for importing roles that are defined in a comma separated value (CSV) file. For example, if you define the set of roles you want to implement using a spreadsheet, you can export the definitions of those roles to a CSV file format, then use the Import Roles Wizard to add the roles to the Role Catalog. The Import Roles Wizard can be accessed by selecting the Import from CSV option from the Role Catalog, Roles, or a role level node.

7. Migration to a 3.6.1 Driver

You can now migrate to a 3.6.1 UA Driver which will install all the necessary components to support Attestation, such as new attestation roles, prds, reports, and entities. To migrate, RMM click on your UA Driver in the Provisioning View and select Migrate.

(Home)     Previous     Next