User Recertification Policy |
- Recertification Policy Name
- The name of the recertification policy.
- Recertification Policy Type
- The type of an entity that gets recertified by using this policy.
The valid values are
Account , Access ,
and Identity .
- Recertification Policy Description
- The description of the policy as specified in the policy configuration.
- Recertification Policy Enabled
- Shows whether the policy is enabled.
- Recertification Policy Scheduled
- The recertification scheduling modes. The valid values are
CALENDAR and ROLLING .
- Recertification Policy Rolling Interval in Days
- The recertification period if the recertification policy scheduling
mode is
ROLLING . No value in this query item indicates
that the scheduling is not in the ROLLING mode.
- Recertification Policy Reject Action
- An action that was taken if the recertification is rejected.
- Recertification Policy Timeout Period in Days
- The duration during which a recertifier must act.
- Recertification Policy Timeout Action
- The automatic action that must be taken if the recertification
times out.
- Recertification Policy DN
- An LDAP distinguished name for the recertification policy.
- Recertification Policy Container DN
- An LDAP distinguished name for a business unit to which the recertification
policy applies.
- Recertification Policy Is Custom
- Indicates whether the recertification policy is customized. It
is defined in the workflow.
- Recertification Policy User Class
- The type of a user to which the recertification policy applies.
The valid values are
All , Person ,
and Business Partner Person .
- Recertification Policy Scope
- Indicates whether the recertification policy applies to the business
unit and its subunits or either of them.
|
User Recert History |
- User Recert History Person Name
- The full name of a person.
- User Recert History Person Email
- The user email identifier.
- User Recert History Person Status
- A user status at the end of the recertification workflow process.
The valid values are
Active and Inactive .
- User Recert History Person Business Unit Name
- A business unit to which a user belongs.
- User Recert History Recertification Policy Name
- The recertification policy that created a user entity.
- User Recert History Timeout
- Shows whether the recertification process is timed out or not.
0 represents Not
timed out , and 1 represents Timed
out .
- User Recert History Comments
- The comments that are entered by a user during the user recertification
process.
- User Recert History Process Comments
- The comments that are entered by a user during the recertification
process.
- User Recert History Process Submission time
- The recertification policy submission time.
- User Recert History Process Start Time
- The time at which user recertification workflow process was started.
- User Recert History Process Completion Time
- A user recertification history process completion time.
- User Recert History Process Last Modified Time
- The time at which user recertification workflow process was last
modified.
- User Recert History Process Requester Name
- The name of a user who submitted the request for recertification.
- User Recert History Process Requestee Name
- The name of a user entity for whom the request for recertification
was submitted.
- User Recert History Process Recertifier Name
- The name of a user who is the final approver in the recertification
workflow process.
- User Recert History Process Result Summary
- An overall summary of a user recertification workflow process
result.
- User Recert History Process Scheduled
- The schedule for recertification policy submission.
- User Recert History Id
- A unique ID assigned by the IBM Verify Identity Governance to a user recertification audit history.
- User Recert History Person DN
- An LDAP distinguished name for a user entity in the recertification
process.
- User Recert History Recertification Policy DN
- An LDAP distinguished name for the recertification policy that
recertifies a user entity.
|
Person |
- Person Full Name
- The full name of a user.
- Person Last Name
- The surname of a user.
- Person Status
- The status of a user.
- Person Dn
- An LDAP distinguished name for a user entity.
- Person Business Unit Dn
- An LDAP distinguished name for a business unit to which a user
belongs.
- Person Supervisor
- The name of a user who is the supervisor of a user entity.
|
Person Organization |
- Business Unit Name
- The name of a business unit to which a user belongs.
- Business Unit Supervisor
- A user supervisor of a business unit.
- Business Unit DN
- An LDAP distinguished name for the business unit to which a user
belongs.
- Business Unit Container DN
- An LDAP distinguished name for the parent business unit of an
organization entity.
|
User Recert Account |
- User Recert Account Name
- The name of an account in a user recertification.
- User Recert Account Service Name
- The name of a service to which an account belongs.
- User Recert Account Service Description
- Describes the service that is associated to an account.
- User Recert Account Status
- The status of an account at the end of the recertification. The
valid values are
Approved and Rejected .
- User Recert Account Recert Id
- A unique numeric ID assigned by the IBM Verify Identity Governance to an account recertification.
- User Recert Account DN
- An LDAP Distinguished name for an account entity in the recertification.
- User Recert Account Service DN
- An LDAP Distinguished name for the service to which an account
entity belongs.
|
User Recert Group |
- User Recert Group Name
- The name of a group in the user recertification.
- User Recert Group Description
- Describes the recertification group.
- User Recert Group Status
- The status of a group at the end of the recertification. The valid
values are
Approved and Rejected .
- User Recert Group Recert Id
- A unique numeric ID assigned by IBM Verify Identity Governance to a group recertification.
- User Recert Group DN
- An LDAP Distinguished name for a group entity in the recertification.
|
User Recert Group Service |
- Group Name
- The name of a group.
- Service Name
- The name of a service to which the group belongs.
- Service Type
- The service profile type.
- Service Url
- A URL that connects to the managed resource.
- Service DN
- An LDAP distinguished name for a service to which the group belongs.
- Service Container Dn
- An LDAP distinguished name for a business unit of the service
that is associated with a group.
- Service Owner Dn
- An LDAP distinguished name for a user owner of the service.
- Group Dn
- An LDAP distinguished name for a group entity in the recertification.
|
User Recert Role |
- User Recert Role Name
- The name of a role in the user recertification.
- User Recert Role Description
- The description of a role.
- User Recert Role Status
- The status of a role at the end of the recertification. The valid
values are
Approved and Rejected .
- User Recert Role Recert Id
- A unique numeric identifier that is assigned by IBM Verify Identity Governance to a role recertification.
- User Recert Role DN
- An LDAP Distinguished name for a role entity in the recertification.
|
Account |
- Account Name
- The name of an account.
- Account Service Dn
- An LDAP distinguished name for a service that provisions an account.
- Account Status
- The status of an account. The valid values are
Active and Inactive .
- Account Compliance
- The details about an account compliance. The valid values are
Unknown , Compliant , Non
Compliant , and Disallowed .
- Account Ownership Type
- The ownership type of an account. The valid values are
Individual , System , Device ,
and Vendor .
- Account Last Access Date
- The last date when an account was accessed.
- Account Container Dn
- An LDAP distinguished name for a business unit to which an account
belongs.
|
Account Service |
- Service Name
- The name of a service to which an account belongs.
- Service Dn
- An LDAP distinguished name for a service to which an account belongs.
- Service Container DN
- An LDAP distinguished name for a business unit of a service that
is associated to the accounts.
- Service Owner DN
- An LDAP distinguished name for a user owner of the service.
- Service Url
- A URL that connects to the managed resource.
- Service Type
- The service profile type.
|
Account Owner |
- Person Full Name
- The full name of a user who owns an account.
- Person Last Name
- The surname of a user who owns an account.
- Person Status
- The status of a user who owns an account.
- Person DN
- An LDAP distinguished name for an account owner.
- Person Business Unit DN
- An LDAP distinguished name for a business unit that is associated
to an account owner.
- Person Supervisor
- The supervisor of an account owner.
|
Account Recert History |
- Recert History Service Name
- The name of a service to which accounts and groups belong. These
accounts and groups are involved with an account recertification audit.
- Recert History Service Profile
- The profile type of a service.
- Recert History Status
- An account status at the end of the recertification workflow process.
The valid values are
Abort , Approved , Timeout , Pending ,
and Rejected .
- Recert History Action
- The action that is taken on an account at the end of recertification
process as defined by the recertification policy. The valid values
are
Abort , Certify , Delete , Mark , Certify
Administrative , and Suspend .
- Recert History Comments
- The comments that are entered by a user during recertification
process.
- Recert History Process Start Time
- The time at which an account recertification workflow process
started.
- Recert History Process Submission Time
- The time at which recertification policy was submitted.
- Recert History Process Completion Time
- The time at which an account recertification workflow process
completed.
- Recert History Process Last Modified Time
- The last modified time for an account recertification workflow
process.
- Recert History Process Comments
- The comments that are entered by a user during recertification
process.
- Recert History Process Result Summary
- The summary of the recertification process result. The valid values
are
Success , Failed , Pending , Escalated , Skipped , Timeout ,
and Warning .
- Recert History Process Requestee Name
- The name of a user entity for whom the recertification request
is submitted. For example, if the entity for recertification is an
account, then the query item is the name of the account.
- Recert History Process Requester Name
- The name of a user who submitted the recertification request.
For example, if administrator submits a request for recertification,
then this query item is the name of the administrator.
- Recert History Recertifier Name
- The name of a user who is the final approver in the recertification
workflow process.
- Recert History Activity Owner
- An owner of recertification activity for an account.
- Recert History Recertifier Id
- An account identifier of the recertifier.
|
Access |
- Group ID
- An identifier for a group.
- Group Name
- The name of a group for which an access is defined.
- Group Type
- The profile type of a group.
- Group Access Name
- The name of the access that is defined for a group.
- Group Access Type
- The type of the access that is defined for a group.
- Group DN
- An LDAP distinguished name for a group entity for which an access
is defined.
- Group Container DN
- An LDAP distinguished name for a business unit that is associated
with a group.
- Group Service DN
- An LDAP distinguished name for the service that is associated
to a group.
|
Access Recert History |
- Recert History Service Name
- The name of a service to which accesses and groups belong. These
accesses and groups are involved with an access recertification audit.
- Recert History Service Profile
- The profile type of a service.
- Recert History Status
- An access status at the end of the recertification workflow process.
The valid values are
Abort , Approved , Timeout , Pending ,
and Rejected .
- Recert History Action
- The action that is taken on an access at the end of recertification
process as defined by the recertification policy. The valid values
are
Abort , Certify , Delete , Mark , Certify
Administrative , and Suspend .
- Recert History Comments
- The comments that are entered by a user during recertification
process.
- Recert History Process Start Time
- The time at which an access recertification workflow process started.
- Recert History Process Submission Time
- The time at which recertification policy was submitted.
- Recert History Process Completion Time
- The time at which an access recertification workflow process completed.
- Recert History Process Last Modified Time
- The last modified time for an access recertification workflow
process.
- Recert History Process Comments
- The comments that are entered by a user during recertification
process.
- Recert History Process Result Summary
- The summary of the recertification process result. The valid values
are
Success , Failed , Pending , Escalated , Skipped , Timeout ,
and Warning .
- Recert History Process Requestee Name
- The name of a user entity for whom the recertification request
is submitted. For example, if the entity for recertification is an
access, then the query item is the name of the access.
- Recert History Process Requester Name
- The name of a user who submitted the recertification request.
For example, if administrator submits a request for recertification,
then this query item is the name of the administrator.
- Recert History Recertifier Name
- The name of a user who is the final approver in the recertification
workflow process.
- Recert History Activity Owner
- An owner of recertification activity for an access.
- Recert History Recertifier Id
- An access identifier of the recertifier.
|