Lifecycle Business Rules
Lifecycle Business is an HR model that defines the various stages in which a worker progresses within an organization. Lifecycle Business Rules provides 4 stages:
- Hire, Rehire
- Change of Role
- Termination
- Leave:
- Long term leave
- FMLA (Family and Medical Leave Act)
- Legal
- Security and Discipline
You can select the Employee Lifecycle required for your business use cases. At the runtime, the workflow will only process employee which match the selected stages.
Hire, Rehire¶
Create or reactivate user in Identity Platform upon hire, rehire. Using this operation, you can create an Employee profile in the Active Directory when an employee is created in HR system.
A common password for all employees - Select the "a common password for ALL employees" radiobutton. It will provide the textarea in which you can map from trigger data or put user input value for password. And you can also put some conditions using excel function.
Initial password length - Choose the initial password length to match your AD password policy. Password is randomly generated according to the provided length.
Write back work email to HR system during new hire process - The Identity management system will first generate emails for newly onboarded employees, and subsequently, these emails will be recorded in the business email field within HR applications.
Pre-boarding & On-boarding¶
Select the time to execute preboarding and onboarding
- This field is used to choose the timestamp when the preboard or onboard event should be performed.
With the help of the lookup table (highlighted in red), you can choose any attribute value as a filter. If the filter passes, the timestamp provided in the filter will be used; otherwise, the default time will be used for the event.
Days in advance of start date to pre-board employee
- This field is used to select the number of days before the start date to perform the preboard event.
With the help of the lookup table (highlighted in red), you can choose any attribute value as a filter. If the filter passes, the days provided in the filter will be used; otherwise, the default value of days will be used for the event performance.
Time in advance of start date time to enable the account
- The checkbox (highlighted in blue) is used to select the time (4, 8, or 12 hours) before the start date time to enable the account.
Change of Role¶
Update user in Identity Platform when employee is updated in HR system. Using this operation, you can update an Employee profile in the Active Directory when employee is updated in HR system.
Whitelist (retain) some of the security groups and distribution lists - The selected security groups and distribution lists will not be touched when updating an employee profile.
Exclude Employee Attributes on Updating - The selected attributes will not be consider when updating an employee profile.
Write back work email to HR system when mail is updated - The email information will be updated in the Identity management system and subsequently entered into the business email field in HR applications.
Termination¶
Terminate user in Identity Platform when employee is terminated in HR system. Using this operation, you can terminate an Employee account in the Active Directory when an employee is terminated in HR system.
Choose OU for terminated user - All terminated users will be moved to the selected user group. You can choose "Do not change OU" from the dropdown if you do not want to change an OU.
Selected attributes will be purged on termination - All the selected Active Directory (AD) attributes will be purged upon termination.
Handling of Group Memberships¶
The group memberships will be updated upon terminating an employee profile based on the below selection.
Remove ALL assigned groups - All the assigned group memberships will be removed.
Retain ALL assigned groups - None of the existing group memberships will be removed.
Retain selected groups - The selected group memberships will be retained, rest will be removed.
Convert user mailbox to shared mailbox - Mailbox of employee will be converted to shared mailbox upon termination. For more information click here.
In a multi-domain controller setup, when selecting the 'Retain selected groups' option under 'Handling of security group and distribution list memberships', you can select Security Groups and Distribution lists for any of the base DNs in your AD.
And, if you have enabled 'Enable pre-boarding, future hires and scheduled terminations' on Application page then below mentioned options will be provided in the design.
Scheduled Terminations¶
Employee termination time
- Choose preferred time to schedule the termination record of the employee. In this, the termination event will take place on the scheduled time.
With the help of the lookup table (highlighted in red), you can choose any attribute value as a filter. If the filter passes, the timestamp provided in the filter will be used; otherwise, the default time will be used for the event performance.
Day(s) to terminate after the last day worked
- Choose a day(s) to delay the offboard employee than its termination date. Initially the option none is selected, you can modify it as per the requirements.
With the help of the lookup table (highlighted in red), you can choose any attribute value as a filter. If the filter passes, the days provided in the filter will be used; otherwise, the default value of days will be used for the event performance.
Support Immediate Termination - Based on the provided condition, employee will be terminated effectively irrespective of the last day.
Delete account after the aging period
- User account will be deleted from identity management system after the specified aging period. Only the terminated employee account which match the criteria will be deleted. If none of the criteria matches, then default aging period will be selected.
Exclude Employee Attributes on Terminating - The workflow would update employee attributes on termination if any attributes changed in HR platform. You can select not to change some attributes on termination.
Leave¶
An organisation can have multiple type of leave for their employees. Hire2Retire supports multiple type of leaves to choose from. Each type can be configured to specify employee's access differently for different leave types based on the requirement.
- Long-Term Leave: Long-term leave refers to an extended period off from work, usually beyond a few weeks or months. It could be due to medical reasons, maternity/paternity leave, sabbaticals, or other personal reasons. It is the general type of leave and is currently supported in Hire2Retire
- FMLA (Family and Medical Leave Act): FMLA is a federal law in the United States that entitles eligible employees of covered employers to take unpaid, job-protected leave for specified family and medical reasons with continuation of group health insurance coverage under the same terms and conditions as if the employee had not taken leave.
- Legal Leave: Legal leave refers to type of leave that is granted to an employee as required or protected by law. This could include leave for jury duty, military service, voting, or other legally mandated absences.
- Security and Disciplinary Leave: Security and Disciplinary leave is a type of leave that is imposed as a result of disciplinary action taken against an employee for misconduct or violation of company policies.
According to the leave types chosen, you can configure the below properties. You can configure one or many type of leaves according to the usage.
Disable User - (Optional) Select the Disable User checkbox to terminate the user.
Choose OU - Choose OU, which you want to configure for an employee which is on long term leave. You can choose "Do not change OU" from the dropdown if you do not want to change an OU.
Managing security groups and distribution lists¶
Retain ALL assigned groups - All the existing group memberships will get retained.
Remove ALL assigned groups - All the existing group memberships will be removed.
Retain selected groups - The selected group memberships will not be touched when an employee is on long term leave, rest will be removed.
Remove selected groups - The selected group memberships will be removed when an employee is on long term leave, rest will not be touched.
In a multi-domain controller setup, when selecting the 'Retain selected groups' option under 'Managing security groups and distribution lists', you can select Security Groups and Distribution lists for any of the base DNs in your AD.
In a multi-domain controller setup, when selecting the 'Remove selected groups' option under 'Managing security groups and distribution lists', you can select Security Groups and Distribution lists for any of the base DNs in your AD.
Exclude Employee Attribute - If you want any data that should not be updated, then you can check those attributes from the multi-select checklist when you leave an employee.