When a preventative identity policy is associated with a workflow process for a task, CA Identity Manager generates a work list item for the appropriate approvers. These approvers use an Approval task to approve or reject the change that triggered the policy violation.
The default Approval task includes a section that lists identity policy violations. There may be more than one violation if the proposed changes trigger multiple preventative identity policies.
Each violation can have of the following status:
CA Identity Manager has not started evaluating the approval rules for the task yet. This is the initial state.
CA Identity Manager located a match for the identity policy defined in the approval rules and triggered the associated workflow process.
An approver approved the proposed changes. CA Identity Manager makes the changes that triggered the preventative identity policy violations.
An approver rejected the proposed change. The task is rejected.
There is no workflow process configured for this violation. The task executes without any approval required.
Copyright © 2015 CA Technologies.
All rights reserved.