We have introduced SSO with Entra ID. This means we do not have to look at the access of users in LeanIX anymore. Also for stopping the access by removing them from our IdP. But what if a user is also subscribed as an owner of a factsheet. We use the Quality Seal and if it breaks the e-mail is send to a users email that's no longer in the company. So we need to be alerted if a user is deactivated so we can transfer ownership.
Of course we can do a manual check but would love to have a automated process so we are looking for some best practices. How do you take care of deactivating user and transfer ownership.
Page 1 / 1
Hi Roald,
I can relate to the issue you described.
We also use user provisioning via Entra ID. Once a month, we run the Subscriptions Manager (LeanIX Store) to identify archived users who are still subscribers to fact sheets. The report has some limitations, such as not being able to filter by fact sheet type, subtype, or lifecycle.
After that, the process is entirely manual: we contact the line manager of the leaver and ask who the successor will be.
Our long-term plan is to integrate with the joiners, movers, leavers process and automatically create a task for the line manager.
Hi
we are using a scheduled python script. It gest inactivated users via powershell. Then it compare with active users from LeanIX (LeanIX API https://fanuc.leanix.net/services/mtm/v1/workspaces/YOUR_WORKSPACE/permissions?page=0&status=!ARCHIVED"). The result contain users to be Archived. We get the factsheets where the user is a subscriber:
- if user is accoutable or responsible
- Break the fasctheets QS (Graphql mutation)
- Create todo for remaining responsible(s) or accountable, in there is no one remaining, create todo for LeanIX admin (LeanIX API)
- remove subscription (Graphql mutation)
- Archive user (LeanIX API)
We run the script on a daily basis.
Best regards,
Carsten
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.