2 Replies Latest reply on Aug 4, 2012 10:53 AM by Gyanprakash Pandey

    Rule in OIM

      We are using access policy based provisioning for AD. In that i came across a rule which is a combination of 2 other rules and an element in this rule itself evaluated with AND operator. The first 2 rules are checking for specific value in user profile data and the element added in this rule is checking for a user defined field in the user form using == operator against a db function. The logic in the function is nothing but a select query from a custom table. So how this rule will get eveluated.
      It is like X (user defined field in user form in invisible status) == package.function.

      When i checked the usr table almost all the values against this column seems to be null. So what is the specific reason of using a rule element like this. Thanks.

        • 1. Re: Rule in OIM
          Nishith Nayan
          given rule expression means :

          Rule1 : attribute1==pkg.function1()
          Rule2: attribute2== pkg.functiion2()
          Final Rule : Rule 1 AND Rule ( Rule1 and Rule2 should be true):
          That means if the attribute1 AND attribute2 has specified value then only Ad will get provisioned.

          Yes you could club this under single rule with AND operator there is no need of having two separate rule and then combining in one. But, this is also okay

          Attribue( user defined field in user form in invisible status ) having null values in table. So it may be the logic, if it is visible then the value is numeric (1 or 0) else null. You have to validate that.
          1 person found this helpful
          • 2. Re: Rule in OIM
            Gyanprakash Pandey
            In case of applying AND rule, all rules must be true then only policy will fire. If first rule is false, other rules will not be even evaluated Or if any of rules are false, policy will not be fired.

            1 person found this helpful