System Maintenance

SailPoint provides System Maintenance tasks with the IdentityIQ application, the Work Item Expiration Scanner, Mitigation Expiration Scanner, System Maintenance, System Maintenance Object Pruner, Role Overlap Analysis, and the Synchronize Roles task. These tasks are configured, by default, to run in the background of the application and update score card, application, and role information as needed.

The Work Item Expiration Scanner checks for work items that were assigned but have not been completed by the set expiration date.

The Mitigation Expiration Scanner checks for roles or entitlements for which the exceptions allowed during certification have expired.

The System Maintenance task prunes identity snapshots, task results, access request attachments, and certifications, escalates orphaned work items, and performs other background maintenance tasks. IdentityIQ ships a predefined instance of this task that is called Perform Maintenance .

The System Maintenance Object Pruner prunes objects in batches to improve performance. This task is not part of the System Maintenance task pruning operations and is run independently when necessary. This task is always run with partitioning enabled. This task is useful if you want to set up tasks specifically for pruning objects; pruning can also be accomplished using the System Maintenance/Perform Maintenance task, with partitioning enabled.

The Role Overlap Analysis performs impact analysis on a specified role. The task result name is annotated with the name of the selected role so you can tell multiple analysis results apart.

The Synchronize Roles task synchronizes IdentityIQ roles with the roles on the identity management systems that are configured to work through a provisioning provider.

The Reset Orphaned WorkItem Events task is designed to recover orphaned work item events.Thisis a user-driven task to determine the conditions in which a work item event is determined to be orphaned by way of workflow name, which should be restarted or discarded. The determination condition would be for work item that are of type Event, have expired locks, and are X-time beyond the date in which the Perform Maintenance task was to have run.Your control X-time. A list of workflows can also be supplied used to declare for which workflows a work item would restart. Any work item that otherwise matches the search condition are purged. Details of the purged work items could be captured in the task result or as a WorkItem Archive.