Person is on temporary leave - Physical ID
Normally, setting persons to active/inactive is managed in the AD or HR system and handled in Identity Manager via the automatic import. Optionally, they can be available as manual processes.
Standard workflow
| Actor | Action | Option | Physical ID | Digital ID | Physical access | |
|---|---|---|---|---|---|---|
| 1 | Registration officer or Helpdesk | In Identity Manager: Browses for the person and clicks Deactivate. | - |
|
|
|
| 2 | Identity Manager | Sets person to Inactive, removes all roles. | - |
|
|
|
| 3 | Identity Manager | Optionally, locks any connected cards. | - |
|
|
|
| 4 | Identity Manager | Exports the card data to the PACS system. |
| |||
| 5 | Identity Manager | Locks any software tokens. | - |
|
| |
| 6 | CA | Revokes any certificates. | - |
|
|
Technical references
| Option | Process |
|---|---|
Deactivate employee | BaseProcDeactivateEmployee (see image) |
| Deactivate contractor | BaseProcDeactivateContractor |
| Deactivate visitor | BaseProcDeactivateVisitor |
Deactivate employee and physical IDs | CCProcDeactivateEmployee |
| Deactivate contractor and physical IDs | CCProcDeactivateContractor |
| Deactivate visitor and physical IDs | CCProcDeactivateVisitor |
Deactivate employee and digital IDs | PcmProcDeactivateEmployee |
| Deactivate contractor and digital IDs | PcmProcDeactivateContractor |
| Deactivate visitor and digital IDs | PcmProcDeactivateVisitor |