NetIQ Access Governance Suite
The identity list is comprised of all identities containing roles, entitlements and policy violations that are part of this certification.
Use the options at the bottom right of the table to export this list to a MicroSoft Excel Worksheet, open the Identity List view, or change the way the entitlement descriptions display. The MicroSoft Excel Worksheet is not connected to Access Governance Suite and actions taken there are not reflected in the product.
Do one of the following:
- Click on a identity to display the Certification Decisions tab and view detailed identity information.
- Right-click on a identity and select Delegate to delegate the certification for the entire identity to a different approver.
- Right-click on any item that is displaying the attention required, or star, icon to handle a revocation challenge or review the decision made by a certifier to whom this item was delegated.
- Select multiple identities using the selection boxes in the left-most column and select the appropriate action from the Select Bulk Action drop-down list at the bottom of the page. Use the multi-select box at the top of the column to select multiple identities at one time.
The default identity list contains the following information:
Note: The certification pages are configurable for each implementation of Access Governance Suite. Your screen might not display the information in this table.
Use the selection boxes to select an identity, or multiple identities, and select the appropriate action from the Select Bulk Action drop-down list at the bottom of the page. A user cannot certify themselves unless self certification is enabled during configuration.
Use the multi-select box at the top of the column to select multiple items at one time.
Note: This column is not displayed if the certification has already been signed-off on, or if you are not the certification owner.
Note: Bulk action is only available if configured for your enterprise.
Note: When you use the selection box to select and approve an identities's access information, all entitlements for that identity are approved for all roles and applications. Policy Violations are not approved.
The distinguishing identifier for this user as derived from the identity authoritative source, for example an employee number.
The first name associated with the identity that requires certification.
The last name associated with the identity that requires certification.
This column is only displayed for continuous certifications. The current state of the item in the continuous certification life cycle (certified, certification required, or overdue). The date displayed is the date at which the item will move to the next state.
The status of the certification for the specific identity. Possible statuses are:
- Open - action is required on this identity before this certification is considered complete.
- Complete - certification of this identity is complete. Requesting reassignment on all roles and entitlements moves the state to complete as well.
- Challenge - a revocation notice has been sent to a user informing them that they are about the have some access revoked and enabling them to accept or challenge that revocation.
- Challenged - a user has challenged the revocation of some access point and that challenge is awaiting your response.
- Delegated - certification for one or more entitlement belonging to this identity has been delegated to another approver. That approver has not yet taken action on the delegated certification request.
- Waiting Review - action was taken on a delegated certification request and that action is now awaiting your review.
- Returned - the certification request for this identity was delegated and returned with no action being taken.
- Yes - changes were made to this user's identity attributes or entitlement information since the last certification was completed.
- No - changes were not made to the identity attributes or entitlement information since the last certification was completed.
- New User - this is the first time the identity has been included in a certification of this type.
Select Bulk Action
A list of the actions you can perform on multiple identities at one time. The items that appear in this list are dependent on system settings defined during product configuration. The bulk actions correspond to the actions available for individual identities. Bulk actions overwrite your ability to add missing required roles to the roles being certified.