AnsweredAssumed Answered

Public Tasks Rolled Out but NOT USED

Question asked by Chris_Ryan_Thomas on Aug 10, 2017
Latest reply on Aug 16, 2017 by Chris_Ryan_Thomas

Noticing that public self-service tasks are deployed and on client workstations, but that the vast majority, if not all of the end-users, either refuse to use them or give up on attempting without contacting the help desk. 


My thought is that this has to do with the QnA pairs and that this isn't built into the enrollment process, or onboarding process for new identities and existing users can't utilize these features without issues. Within another solution, I recall a clever workaround of triggering a pxp to run a powershell script which would trigger a login script that would launch a web browser on the client workstation at user login that prompts the end user to fill out their QnA so that they could use their password self-service tasks when they need them.  After filling out their QnA then the PxP would disable the login script or registry setting on the domain client workstation.  


Essentially what I'm looking for is ideas on

   1) how to ascertain who is using the public tasks (successfully & unsuccessfully) maybe through submitted tasks, ldap or the database

   2) who isn't setup properly for identity verification with public tasks and how best to encourage or require these users to complete their enrollment (PXP or some other methods)?

   3) how best to encourage the use of these self-service features currently deployed on workstations throughout the enterprise.


My concern is that this ca identity manager self-service technology is the first touch point for ca identity manager and if every time a user clicks these self-service links, on their computer, ca identity manager simply says that the user is disabled this isn't useful.  It requires the end user to call the helpdesk anyway, how does this create a positive impression for the identity management features and functionality currently rolled out when simple self-service is inaccessible for most users?


I'm sure this has come up before with CA services, CA support, and other customers, so I'm looking for real world feedback to not only check a check box that self-service was implemented, but to truly roll it out effectively, to the entire organization, and encourage the use of these self service features by ensuring that every user within the enterprise is authorized to self-service themselves without having to contact the help desk every time they have an issue.