Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
No ratings

How To - Achieve User / Account Name uniqueness check across multiple domains using ADSI connector?

ParitaSavla
Saviynt Employee
Saviynt Employee

on ‎04/05/2023 01:44 PM

Use Case:

How to achieve User / Account Name uniqueness check across multiple domains using ADSI connector?

 

Application Version:

SP3.16 and above

 

Pre - Requisite:

The user should have ROLE_ADMIN SAVROLE to configure ADSI connector.

 

Solution:

Saviynt has the ability to check for Uniqueness across across multiple domains by using the CheckForUnique feature in ADSI connector

Sample JSON:

{
"CheckForUnique": {
"Attributes": [{
"samaccountname": "customproperty1",
"RuleCheck": "${user.lastname}###${user.lastname}1###${user.lastname}2###${user.lastname}3###${user.lastname}4###${user.lastname}5###${user.lastname}6###${user.lastname}7###${user.lastname}8"
},
{
"userprincipalname": "customproperty2",
"RuleCheck": "${user.lastname}@domainame.com###${user.lastname}1@domainname.com###${user.lastname}2@domainname.com###${user.lastname}3@domainname.com###${user.lastname}4@domainname.com"
},
{
"displayname": "customproperty31",
"RuleCheck": "${user.lastname}, ${user.firstname}###${user.lastname}, ${user.firstname}1###${user.lastname}, ${user.firstname}2###${user.lastname}, ${user.firstname}3###${user.lastname}, ${user.firstname}4"
}
]
}
}

The way the JSON is working is explained when you are using the below syntax

"samaccountname": "customproperty1",
"RuleCheck": "${user.lastname}###${user.lastname}1###${user.lastname}2###${user.lastname}3###${user.lastname}4###${user.lastname}5###${user.lastname}6###${user.lastname}7###${user.lastname}8"

It pulls  customproperty1 list from all accounts corresponding to that endpoint. Then it constructs the samaccountname using the rule like ${user.lastname} eg "savla".  It checks if this accountname is already available in the customproperty1 list. If not available, same will be used as samaccountname. If the samaccountname is unavailable, it will evaluate the second rule ${user.lastname}1 eg "savla1" and do the same check. If that does not exist, the same will be used as samaccountname.

Customproperty1 in this case should contain all samaccountname during Import. 
The mapping for any unique attribute cannot be null in the CheckforUnique JSON eg "samaccountname": "" is not going to be valid. 

 
Labels:
0 Kudos
Version history
Last update:
‎04/05/2023 01:44 PM
Updated by:
Saviynt Employee
Contributors
Copyright © 2024 Khoros, LLC