Activity in Enterprise Identity Cloud Discussions
UPDATE ACCESS ENDDATE DOESNT WORK
Hi All,I have an issue regarding the "update access end date".I've extend the enddate and it was successfully provisioning "complete" also I set my security system with "instant provisioning"But somehow the enddate is not updated at all for that acco...
Active Directory - Add Access
Hi All,While trying to add a Primary group via ADD Access Task, we are getting the following error,Error while ADD operation for account-v.sowmithri to Group-1181 in AD - [LDAP: error code 21 - 00000057: LdapErr: DSID-0C091275, comment: Error in attr...
ARS request end date issue
Hi Team,We have encountered an issue while provisioning ARS request end date to application end.so whenever we are selecting any time between 11PM to 4AM next day(Checked till 4AM), it is picking previous day.Case 1selected date 30th at 2AM in ARS, w...
Read User details and ECP value via API not working
Hello team, I am trying to read ECP value with API getUserI am getting user details but not ecp value.The body parameters are below{"filtercriteria":{"username":"abcd"},"responsefields":["username","statuskey","firstname","ecp1"]}As per documentation...
How to Create different tile for All All application with AD
HelloWe have an Active directory currently connected to Saviynt with a tile to request access. The Active Directory has all the Apps and their Entitlements. Is it possible to create different tiles or search for the apps within this AD from the searc...
Resolved! Configuration Files
I want to know how to direct users from the Saviynt portal to our internal documentation on instruction about access request and everything saviynt related. I see Configuration Files, But I am not sure what path I need to edit to show end user the in...
Enterprise Role [Tied with Entitlement1] assigned to User but account dont have entitlement assigned
Hello Team,We have use case for Enterprise Role cleanup.Details: We need to identify enterprise role which is tied to target app entitlement assigned to user identity in Saviynt but user account don't have that entitlement assigned as well as on targ...
Onboarding questionnaire
Hello AllCan anybody kindly share a onboarding questionnaire for Azure AD, workday,Microsoft365 and service now?Thank you in advanced.
Saviynt-CyberArk Rest Integration Error
Hi Team, Integration of CyberArk using Rest Connector We are getting error while importing data using rest connector but we are able to fetch data via postman. We are using IP only for connection and to import data as well. PFB Error Logs, connection...
ImportUserJSON - set status based on endDate
Hi,We are trying to update the user status based on endDate, using sav4sav user import. I tried the below line to check if the user’s endDate is in past AND user is active? if yes, update the status to Inactive else leave the status unchanged. But it...
need entitlement import from 2 different OU under logical application
Hi Team,We are trying to import the entitlements under logical application from 2 different OU'sbelow are the snippets which we are trying to import.{"Active Directory User Account Groups": [{ "memberOf": ["CN=AA.ALL.app.%,OU=Groups,OU=AA,DC=xxx,DC=c...
unable to trigger the Request Rules
Hello,I cannot figure out why my Request Rule wont trigger. I am following the example provided in the Saviynt documentation Request Rules Implementation - UseCase for app ent... - Saviynt Forums - 51092Here is how my Request Rule is currently config...
Remove Account Completion Email Not Parsing any Binding Variables
When I am trying to trigger mail for Remove Account Task creation & completion from Endpoint Email Configuration, the mail is triggering, but the Binding Variables are not getting parsed. ( But for New Account mail is getting triggered & parsed corre...
AD disablementJSON with logic
Hi Team, we would like to implement a logic to disable JSON in the active directory, where it checks before proceeding. However, it seems that the logic(below highlighted) is not functioning properly.The highlighted logic mentioned below is working p...
REST Connector - All Entitlements as input
Hi Team,We have a requirement where in the API Payload expects all the available entitlements as input to the API call when the user adds or removes role from ARS.Eg - user has abc, xyz roles and requests bde role then [abc, xyz,bde] should be the pa...
How to see the number of attempts a user has made to access the invitation
We have an invitation process for onboarding new external users. We can set the Invite URL Maximum Retry Count easy enough, but just how do we see how many times the user actually attempted to access the invitation?
getting access denied error while uploading CSV file with Sav Role as Manager
Hi Team, I am trying to upload CSV file having Sav role as Role_Manager. But I am getting below error. I tried to check the feature access present in Role_Admin access for user upload. I assigned to Role_Manager sav role. But did not work. I have up...
Rest - Connection JSON
Hi All,Below is the JSON we are using for connection JSON for Rest Connector. We are using basic authentication. We checked in postman it works fine. Please let me know what the issue in below JSON is. In logs getting 400 . In pending task error for ...
Generate authentication token for SSO Enabled Saviynt
Hi,I am trying to generate an authentication token for the Saviynt test environment using the Saviynt Rest API's with the help of Postman. However, the Saviynt test is SSO enabled, due to which I keep getting a "401 Unauthorized error". Is there a wa...
ADD access json- userManager.username and user.departmentname
Hi,I need to pass the manager username and departmentname in addaccess json of a rest connector.\"manager\":\"${userManager.username}\"\"departmentName\":\"${user.departmentname}\"I am getting the below error {"Role":{"headers":null,"message":{"statu...
How to provision entitlements coming from HR source to AD
Hello,Is there any way to provision the entitlements coming from HR source to AD? We have usecase where account-entitlement data is getting imported from HR source under account profile and we need to provision the same entitlements into AD.eg.User A...
Assistance Required with Error Handling and Log Verbosity in Saviynt v24.3
I am currently using Saviynt version 24.3 and I have encountered a couple of challenges while trying to integrate Saviynt with a Windows Server for mailbox creation via PowerShell scripts.Error Handling Issue: Despite receiving a status code of 500 f...
Reset password before deletion
I have everything set up but it doesn't seem that Saviynt is generating a password in the API call. It is just putting in "${randompassword}" in the body of the call. 2024-04-25T08:40:38-04:00-ecm-worker-2024-04-25T12:40:37.949025952Z stdout F 2024-0...
Salesforce Issue with Remove Profile
Hello,I'm using the option to remove access in all applications when some rules are triggered or for out of band access detection.However with Salesforce Application I have this issue when task are created : My configurations :Entitlement Type : Dro...
Different workflows as per user attribute
Hi Team, We have use case regarding to workflow where we have to check if user attribute cp1 is 'ABC' then user creation approval will go to 1st workflow, If cp1 is 'XYZ' then user creation workflow will go for another approval process. How we can co...
REST PS Connector - Unable to pass single quotes as value
Hi, I have a PowerShell script executed from Saviynt using REST. One of the variables which holds a key value is stored in the connection JSON and sent to the script as a dynamic variable. The issue is basically when I have the variable in connection...
LDAP New Account Creation Failing
Hi team,I am trying to create a new AD account from ARS Saviynt.Account creation failed with the below error.We are using LDAP on 389.Create Account: I am using basic fields only{"givenName": "${user.firstname}","sn": "${user.lastname}","displayname"...
Unable to map the Multi-Level Hierarchical Entitlements via REST Connector
Hi Team,We have successfully integrated the Oracle Fusion application using REST connector and we are able to import the Account, Roles, Security Context and Securtiy Context Values. Also, we have sucessfully mapped the Accounts to Roles. Here we ar...
Unable to restrict Saviynt API call to only specific organization
Hi Team,I need help in restricting Saviynt API call to only specific organization. We created new SAV Role and provided the necessary accesses to call Saviynt API and set the field values 'Show Users in Request Access based on Organizations' and 'Org...
Application Access Request for apps with entitlement in AD
We have our Saviynt connected our AD. the AD has all the Applications and their respective Entitlement. Currently when users submit access request for this apps connected to the AD. They have to g through: Access request - ADconnected- Add - Then sea...
Random Password Generation on Enable
Hello,We are using random password generation on ENABLEACCOUNTJSON in the AD connection:"userPassword":"${randomPassword}"The issue here is that there are cases when the password generated is ridiculously long something like -*?-*^)@12!DF?!7--*?-*^)1...
Resolved! Getting error while passing description to ITSM system
Hi Team,We trying to implement a ServiceNow/ITSM connection with the Saviynt. We are having some issues while passing the ticket description in CreateTicketJSON. It passes the code value while filtering the tasktype in the condition.Expectation: Sub...
Baseline Question
Hello,We have some discrepancies while running the baseline for endpoints. For one of them, we had accounts and entitlements loaded and ran the baseline but accounts baselined is 1064 and accountentitlement baselined is 0. Please check screenshot:Can...
Logical AD Application Entitlement Glossary updates not happening
We have onboarded a new connection, security system, and endpoint for handling logical applications. The management has all worked as expected, with the exception of entitlement metadata. We have mapped the entitlement glossary to description for AD ...
How to export connection detail(Including all jsons)
I needs to know whether exporting connections details including all the operations JSONs.If we can please let me know the steps.
Resolved! Enhacned Query for convert Customquery to EQ
Hi,please can you provide EQ query for below sql update queryupdate arstasks a set a.STATUS = 3,a.provisioningcomments ='No Action Required' where a.taskkey in (1231,1241,1243,1244)
Resolved! Union in analytics query
Hi Team,We are using below query to fetch account data from different entitlements and trying use union query. Its giving error. Can anyone please check & guide what is wrong with this. select a.NAME, a.DISPLAYNAME, a.COMMENTS as 'DN', a.STATUS as '...
Can we fetch all user accounts and orphan accounts for a particular application using a single query
Hi Team,Can we fetch all user accounts and orphan accounts for a particular application using a single query. If so, please provide. thanks in advance.regards,mahesh
Campaign Emails Not being triggered V23.5
Hi Everyone,We have configured number of email templates of campaigns and none of the email are being triggered. For troubleshooting, we tried to validate in the Data Analyzer via this query:Setting preview value to null: update campaign set PREVIEW_...
Resolved! Show entitlements only when boolean (DA) is TRUE
Hi, could someone help me with this query? I have a boolean as dynamic attribute in this endpoint. I have some key users who can request these entitlements based on their user group asssignment. This part works well, but when I want to even further l...
Resolved! Analytics query to fetch accounts under a particular Entitlement
Hi Team,We need a query to fetch accounts under a particular entitlement. Could you please provide query. thanks in advance. regards,Mahesh
Resolved! Analytics and BaselineJob
We pulled a report of the current jobs that are in Prod and we saw that they were 'Analytics_16546CRONE', 'BaselineJob_12' and 'BaselineJob_AccountImport_12343535325'. Can you please tell me what these jobs are for? and how can we tell which analytic...
RDS implementation in Saviynt CPAM
Could you please clarify how to do RDS Implementation in CPAM. Could you describe with steps.
Custom AS400 Jar Connector
Hi Team,We are planning to implement Custom AS400 Jar Connector , any one have sample AS400 Jar connector code ? please share
SAP Licenses in the Saviynt Database
Hi,we import accounts from SAP and those accounts will get an integer value for APPLICENSETYPE, for example 4.When we view that account in Saviynt, the text field for App License Type displays "SAP E11 Test" instead of the value 4 that is in the data...
want to create report to identify all reports that was not ran but should have ran today itself.
want to create report to identify all reports that was not ran but should have ran.
Can we have the Create User Form in many languages ?
Hello,i have a question concerning the create user form to create external users. Can we have the create user form in many languages?like below can we change the labels of the fields when we change the language? Regards,Ray
How to exclude attribute update if DA attribute is blank - AD Connection
Hi Team,I am referring below posts and none of the keywords work for AD connection and how can it be achieved.We have a requirement NOT to send null/blank value for a target attribute. Basically exclude the attribute from the payload.Retain AD Accoun...
Create account json throws error when email is passes as null in proxy address
Hi Team,We are using the below json for proxy address. But when the email is passed as null it throws attribute conversion error.Can you please suggest a logic so that it will pass null value in email."proxyAddresses":[ "${user.customproperty7...
Base 64 accountname and store in customproperty
Hi Team,We have a usecase to store base64 encoded value of accountname and passing the encoded value in subsequent calls to perform the operation, how can we do it at the time of account creation?I tried by using CONST in "responsecolstoprop" and enc...
