Skip to main content

Renames

From time to time, users will change their names, commonly due to changes in marital status. At a minimum, a user’s new name should be reflected on any systems where the user’s name appears.

If the user’s name was used to construct the user’s login ID or email address, a number of additional changes may have to be made if the login ID changes as a result of this name change.

Change requests that include the user must also be updated so that they can still participate. For this reason, it is preferable to assign login IDs that are not based on user names, or at least not based on surnames.

Automation

im_corp_automated_rename

Purpose:

This scenario implements an automated rename process for existing users based on changes to name attributes detected on a monitored system of record (SoR).

Configuration:

This scenario relies on configuration data located in the following external data store (extdb) tables:

  • hid_global_configuration: Adds RENAME_* settings under the AUTOMATION namespace, to define parameters such as the target ID for the SoR, the attributes whose change should trigger the rename process or the pre-defined request to be used for automated rename requests.

  • im_policy_authorization: Adds an authorization rule to allow idtrack (automation) requests to be auto-approved.

  • hid_policy_attrval_*: Adds rules for handling profile attributes such as PROFILEID or EMAIL, which may have to be updated as part of rename requests.

Example: User name changes originating in the System of Record

This example shows you how to rename a user by changing his or her name on the System of Record (SoR).

Requirements

This example assumes that:

  • You have installed Bravura Workforce Pattern or Scenario im_corp_automated_rename

  • You have configured an SoR target system identified by HRAPP .

Change name on the system of record (SoR)

Change the First name, Middle name, or Last name of a user on the HRAPP target system.

Run auto discovery

Run auto discovery to load changes on the target system into the product database:

  1. Log in to Bravura Security Fabric as superuser.

  2. Navigate to Manage the system > Maintenance > Auto discovery > Execute auto discovery .

  3. Click Continue .

  4. Wait until auto discovery completes.

Approve name change request

To approve the name change request:

  1. Log in to Bravura Security Fabric as one of the authorizers of the NAME-CHANGE pre-defined request.

  2. From the main menu, click Requests.

    The Requests app opens.

  3. From the Results panel , select the request with the description "Change of name" and requester "Shipped user of the API".

  4. Bravura Security Fabric displays the details in the Actions panel on the right.

  5. Review the request.

  6. Click Approve and confirm the approval by clicking the Approve button below the notes field.

Manual requests

im_corp_manual_rename

Purpose:

This scenario allows individual users to initiate a request to change their name.

Configuration:

This scenario relies on configuration data located in the following external data store (extdb) tables:

  • im_policy_authorization: Adds authorization rules for rename requests so that they require approval from a member of the HR team.

  • hid_policy_attrval_*: Adds rules for handling profile attributes such as PROFILEID or EMAIL, which may have to be updated as part of rename requests.

Example: Submit a change of name request as an end user

This example shows you how to rename a user using a pre-defined request NAME-CHANGE.

Requirements

This example assumes that:

  • You have installed Bravura Workforce Pattern or Scenario im_corp_manual_rename so the pre-defined request (PDR) NAME-CHANGE has been added.

  • You have updated the im_policy_authorization rule for the PDR NAME-CHANGE .

Submit name change request

To submit a name change request:

  1. Log in to Bravura Security Fabric as an end user.

  2. Click View and update profile from the My profile menu.

  3. Click Change of name.

  4. Enter a new Last name.

  5. Click Submit.

Approve the name change request

To approve the request:

  1. Log in to Bravura Security Fabric as one of the authorizers of the request.

    By default, the authorizers are selected by the authorization plugin from members of the HR department. You can update the im_policy_authorization rule for the NAME-CHANGE PDR to assign authorizers.

  2. From the main menu, click Requests. The Requests app opens.

  3. From the Results panel select the request you want to review.

    Bravura Security Fabric displays the details in the Actions panel on the right.

  4. Review the request.

  5. Click Approve and confirm the approval by clicking the Approve button below the notes field.

Track the results of the name change

To track the results of the name change request:

  1. Try to log into the Bravura Security Fabric web app with the old Profile ID of the renamed user.

    The login should fail, as the user is invalid.

  2. Log in to Bravura Security Fabric with the new Profile ID of the renamed user.

    The login should be successful.

    The new Profile ID can be found in the details page of the name change request. By default, the new Profile ID will be Last name + Middle name + First name, all in capital case. The rule for Profile ID generation is defined in hid_policy_attrval_calculation.

  3. Click View and update profile from the My profile menu.

    The name and profile ID of the user should have been updated. The renamed user should retain all entitlements and privileges.

  4. On the Active Directory target system, view the properties of the renamed user.

    The user's name, logon name, and email address should have been updated.

In this section: