Hi, we are using NetIQ IDM 4.0.2 on windows and have an AD driver
connecting to Active Directory.

We have a workflow (PRD) that assigns a role to the user. The role is
mapped to a resource and resource is mapped to entitlement. once the
entitlement is assigned the respective group in AD is added to the user
in AD. (We are not synching AD groups in IDM)

The PRD has one level of approval.

The scenario is: The request is approved, worflow assigns the role and
Roles Resource driver assigns the resource and entitlements. But the AD
driver is stopped or no connectivity to AD. As per this scenario for the
requester, the request is approved but actually not added to group in

Is there a way, to verify the provisioning status (whether the group is
added or not) on the workflow and then complete the workflow.

At this point we want to make the status as 'Pending' for AD provision.
And once the driver is up and connected and once the AD group is
assigned to the user, then make the PRD status as finished.

Also, can we have workflow status other than 'Approved' or 'Denied' (we
want to have like pending, running, etc)


dinatechmnovell's Profile: https://forums.netiq.com/member.php?userid=6777
View this thread: https://forums.netiq.com/showthread.php?t=51210