Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Need a query that reports all the duplicate accounts that the user is having

sharu
New Contributor
New Contributor

Hi Team,

Need a query that displays all the duplicate accounts that the user is having along with account status and endpoint name .

Thanks ,

Sharanya V

 

12 REPLIES 12

rushikeshvartak
All-Star
All-Star

SELECT
a.name,
ep.endpointname,
ep.endpointKey,
a.lastlogondate AS 'Last Logon',
MONTHNAME(a.lastlogondate) AS lastlogonmonth,
CASE WHEN a.status = 1 THEN 'Active' ELSE 'Inactive' END AS 'Account Status'
FROM
accounts a
INNER JOIN
endpoints ep ON a.ENDPOINTKEY = ep.ENDPOINTKEY
INNER JOIN
USER_ACCOUNTS UA ON UA.accountkey = a.accountkey
INNER JOIN
USERS U ON UA.userkey = U.userkey
GROUP BY
a.name,
ep.endpointname,
a.status
HAVING
COUNT(U.username) > 1;


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi Rushikesh,

I need the user details and all the entries of duplicate accounts that the user is having for all the endpoints. The above query is not displaying all the entries of duplicate accounts that the user is having.

Thanks,

SharanyaV

 

Elaborate with example

SELECT
u.username,
u.userkey,
a.name AS account_name,
ep.endpointname,
ep.endpointKey,
a.lastlogondate AS 'Last Logon',
MONTHNAME(a.lastlogondate) AS lastlogonmonth,
CASE WHEN a.status = 1 THEN 'Active' ELSE 'Inactive' END AS 'Account Status'
FROM
users u
INNER JOIN
user_accounts ua ON u.userkey = ua.userkey
INNER JOIN
accounts a ON ua.accountkey = a.accountkey
INNER JOIN
endpoints ep ON a.endpointkey = ep.endpointkey
WHERE
u.username IN (
SELECT u.username
FROM users u
INNER JOIN user_accounts ua ON u.userkey = ua.userkey
INNER JOIN accounts a ON ua.accountkey = a.accountkey
GROUP BY u.username, u.userkey
HAVING COUNT(DISTINCT a.endpointkey) > 1
)
ORDER BY
u.username, ep.endpointname, a.name;


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak ,

I need only the duplicate entries only. For eg: if a user is   having two accounts provisioned to same system , it should display both the entries of the accounts .

But in the above query it is displaying all the duplicate and non duplicate accounts that the user is having.

Thanks,

Sharanya V

 

 

 

 

 

SELECT
    u.username,
    u.userkey,
    a.name AS account_name,
    ep.endpointname,
    ep.endpointKey,
    a.lastlogondate AS 'Last Logon',
    MONTHNAME(a.lastlogondate) AS lastlogonmonth,
    CASE WHEN a.status = 1 THEN 'Active' ELSE 'Inactive' END AS 'Account Status'
FROM
    users u
INNER JOIN
    user_accounts ua ON u.userkey = ua.userkey
INNER JOIN
    accounts a ON ua.accountkey = a.accountkey
INNER JOIN
    endpoints ep ON a.endpointkey = ep.endpointkey
WHERE
    u.username IN (
        SELECT u.username
        FROM users u
        INNER JOIN user_accounts ua ON u.userkey = ua.userkey
        INNER JOIN accounts a ON ua.accountkey = a.accountkey
        GROUP BY u.username, ep.endpointkey
        HAVING COUNT(a.accountkey) > 1
    )
ORDER BY
    u.username, ep.endpointname, a.name;

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak ,

SELECT
    u.username,
    u.userkey,
    a.name AS account_name,
    ep.endpointname,
    ep.endpointKey,
    a.lastlogondate AS 'Last Logon',
    MONTHNAME(a.lastlogondate) AS lastlogonmonth,
    CASE WHEN a.status = 1 THEN 'Active' ELSE 'Inactive' END AS 'Account Status'
FROM
    users u
INNER JOIN
    user_accounts ua ON u.userkey = ua.userkey
INNER JOIN
    accounts a ON ua.accountkey = a.accountkey
INNER JOIN
    endpoints ep ON a.endpointkey = ep.endpointkey
WHERE
    u.username IN (
        SELECT u.username
        FROM users u
        INNER JOIN user_accounts ua ON u.userkey = ua.userkey
        INNER JOIN accounts a ON ua.accountkey = a.accountkey
        GROUP BY u.username, ep.endpointkey
        HAVING COUNT(a.accountkey) > 1
    )
ORDER BY
    u.username, ep.endpointname, a.name;

While validating the above query results, it provides all the accounts that the user is having. It should only display the duplicate accounts only. But in this case both duplicate and non duplicate accounts are displaying.

Thanks,

Sharanya V

 

Share screenshot and highlight what should be there and what not. and in result on which basis some account should not be shown ?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak ,

Please check the below screenshot:

sharu_0-1722932671191.png

Consider the above date , so the query should display only the highlighted ones where there is two accounts found for the same system/endpoint , but in this case it is displaying all the accounts including the non-highlighted ones.

Thanks,

Sharanya V

Example is wrong as account name is unique and can’t be same / are you considering SFIS status account?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

@rushikeshvartak This is just eg where I'm showing account name unique, but account names are different for each system, but I'm looking something where the query identifies user having more than one  accounts in the same system/endpoint, it could either be active or inactive one , but the query must display more than one account only and ignore the other accounts which are not more than one.

Regards,

Sharanya V

 

Deven
New Contributor
New Contributor

Hello @sharu 

I hope the below query will help you 

Select u.USERNAME, e.endpointname, group_concat(a.name order by a.name asc) accountname, group_concat(a.status order by a.name asc) accountstatus from accounts a join endpoints e ON a.endpointkey=e.endpointkey left join user_accounts ua ON ua.accountkey=a.accountkey left join users u ON u.userkey=ua.userkey where e.endpointname in ('XYZ') and a.status not in ('SUSPENDED FROM IMPORT SERVICE', '2') and u.userkey is not null group by u.username, e.endpointname having count(u.username)>1

Thanks & Regards 

Deven Karande

 

PremMahadikar
All-Star
All-Star

Hi @sharu ,

This should be your query.

Select 
	u.USERNAME, 
	CASE 
		WHEN u.statuskey = 1 THEN 'Active' ELSE 'Inactive' 
	END AS 'User Status',
	a.name as Accountname,
	CASE 
		WHEN a.status = 1 THEN 'Active'
		WHEN a.status = 2 THEN 'Iactive'
		ELSE a.status 
	END AS 'Account Status'
from 
	accounts a left join user_accounts ua ON ua.accountkey=a.accountkey 
	left join users u ON u.userkey=ua.userkey 
	a.ENDPOINTKEY=<10>ENDPOINTKEY
group by a.name having count(a.name)>1
order by u.username asc

 

If this is helpful, please consider selecting Accept As Solution and hit Kudus