This is an old revision of the document!


Uniform password for new accounts

The main goal of a uniform password for new accounts is to ensure that new identities will have the same password in newly created accounts.

This feature solves this scenario:

  1. Let's have the synchronization of new identities. This synchronization will create new identity I.
  2. This synchronization is followed by the synchronization of contracts, which creates 2 new contracts C1, C2 for identity I.
  3. A tree automatic role will be linked to contract C1, which according to the structure will create an A1 account on the S1 system.
  4. An attribute automatic role will be linked to contract C2, which will create an A2 account on the S2 system according to the contract's attribute.

Without the use of the uniform password feature, after the completion of the mentioned scenario, ie. After completing the synchronization of contracts (automatic role recalculation), two new accounts A1 and A2 are created, each of which will contain a different password. The user will receive two notifications of the creation of a new account for each account separately.

If you use the uniform password feature, two accounts will also be created, but both will have the same password. The user will recevie only one notification about the creation of an account on systems S1 and S2.

The manually created delegation definition should be deleted after deleting the last link to the task.
After reassigning the task, also send a notification to the delegator.
By default (in standard process for change permissions), the rule is that if the logged-in user is the implementer of the request (the one who submitted it) and at the same time is one of approvers, then this task is skipped (approval is assumed). However, this rule does not apply in the case of delegation (ie if the delegate is both the approver and the implementer, the task will be created and assigned).
If one approval task is delegated more than once, or for more approvers, then only the last delegation's business card is displayed in the task detail.
Delegation works only on first level. So if user A delegates to user B, and at same time user B delegates to user C, then it doesn't mean that all tasks from A are now delegated to user C!
  • by svandav