Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Provisioning / Deprovisioning JSONs for SQL Server

yogesh
Regular Contributor III
Regular Contributor III

‎03/14/2023 10:42 AM

The docs don't explain how I can provision / deprovision accounts if multiple statements are required to be executed for example, in case of SQL Server we have to execute below statements to create a login and a user in order to create an account in the target:


USE [master]
GO
CREATE LOGIN [MYDOMAIN\myusername] FROM WINDOWS WITH DEFAULT_DATABASE=[master]
GO
USE [mydbname]
GO
CREATE USER [MYDOMAIN\myusername] FOR LOGIN [MYDOMAIN\myusername]
GO

similarly multiple statements are required for account removal as well.
These statements are pretty standard for SQL Server.

How do I form the CREATEACCOUNTJSON and DELETEACCOUNTJSON for SQL server

Labels:
0 Kudos
2 REPLIES 2

yogesh
Regular Contributor III
Regular Contributor III

‎03/15/2023 02:06 AM

GRANTACCESSJSON and REVOKEACCESSJSON are working for me but I can not get the CREATEACCOUNTJSON and DELETEACCOUNTJSON working:

Have tried these JSONs:
CREATEACCOUNTJSON:

{
	"CreateAccountQry": [
		"CREATE LOGIN [${accountName}] FROM WINDOWS WITH DEFAULT_DATABASE=[master]",
		"CREATE USER [${accountName}] FOR LOGIN [${accountName}]"
	]
}


{
	"CreateAccountQry": [
		"USE [master]",
		"GO",
		"CREATE LOGIN [${accountName}] FROM WINDOWS WITH DEFAULT_DATABASE=[master]",
		"GO",
		"USE [RAEUDXT05]",
		"GO",
		"CREATE USER [${accountName}] FOR LOGIN [${accountName}]",
		"GO"
	]
}

 

DELETEACCOUNTJSON 

{
	"DeleteAccountQry": [
		"DROP USER [${accountName}]",
		"DROP LOGIN [${accountName}]"
	]
}


{
	"DeleteAccountQry": [
		"USE [RAEUDXT05]",
		"GO",
		"DROP USER [${accountName}]",
		"GO",
		"USE [master]",
		"GO",
		"DROP LOGIN [${accountName}]",
		"GO"
	]
}

 

Working queries for add and remove access:

{
	"Role": [
		"ALTER ROLE [${task.entitlement_valueKey.entitlement_value}] ADD MEMBER [${accountName}]"
	]
}
{
	"Role": [
		"ALTER ROLE [${task.entitlement_valueKey.entitlement_value}] DROP MEMBER [${accountName}]"
	]
}

I get this error on the create account task and remove account tasks:
SAV - Error while creating account - mydom\myaccountname -Exception occured while Excecuting Query

0 Kudos

gwagh
Regular Contributor
Regular Contributor

‎06/07/2023 05:10 AM

Hi @yogesh, Did you get any solution ? We are facing same error in createaccountjson. 

0 Kudos
Copyright © 2024 Khoros, LLC