Resolved! Default Savrole Configuration
Which property states the default savrole assignement of all users imported to Saviynt?-Siva
and more in a single search tool across platforms. Read the announcement here. |
Which property states the default savrole assignement of all users imported to Saviynt?-Siva
We have created ROLE_TASKADMIN to view the pending and completed tasks. We are able to access all the features of the Tasks except when we click on the action==>View then below Operation not allowed screen appears. Please help us with what we are mis...
Is it possible to request SAV roles using ARS ? And if yes how to do it ?
Hello,we have an SQL query which is running fine in analytics and now we try to rephrase this query, which was provided by the Saviynt PPS team during project implementation.If we just copy the query from working report definition to data analyzer, t...
hello Team,I just that the Users were not added to the ROLE_ENDUSER Sav Role. this is because we did not run any birthrights.We still do not want any birthrights added. What is the fastest way to add the users to the ROLE_ENDUSER Sav Role without r...
Are there self service options available to entitlement owners, where they can see what they own and then request accounts to be added/removed. I've been trying to sort out sav role features if its possible through the Manage Entitlements screen. B...
Hello,I Noticed the following error when testing the user and application import filter in the Saviynt App for ServiceNow. Any idea on what is causing this?UI Error msg:ServiceNow Log error message:<!doctype html><html lang="en"><head><title>HTTP Sta...
Note: Its working, there was a delay in sync. Is there any way we can restrict /allow user to request for self, and users from same department.I tried to write advanced query in Whom to request section. But its not working as expected. Query: select ...
Hello,We will manage Saviynt users via Saviynt REST API. The API Spec mentioned checkrules is to control if the rules will be evaluated immediately (when checkrules is true) or or later (when checkrules is false ) for user creation or update.Another ...
I am trying to create a custom SAV role to view all Tasks and users tabs only.However, I can not see any tasks in a pending or completed state.to debug I give all permissions to that custom SAV role. But the issue is still there.I tried user GRP as w...
Hi, I've created an Attestation Admin SAV role, which can fully manage attestation campaigns. This role has an attestation dashboard which grants access to a bunch of data. Most of the tiles are click-through to analytics. These analytics have all be...
Which feature needs to be added for below option on Home page in v24.1 ?
We created a logical ad application and the entitlements were populated in the child endpoint. How do we allow a person or usergroup to manage the entitlements in the child endpoint. He should not be able to see other entitlements for other endpoints...
Hi Forum,I am referring to the below link for AAD Group Creation, it mentioned I can create group via Saviynt on below path: Navigate to > Home and select > Manage Groups > Create AAD Group.https://docs.saviyntcloud.com/bundle/EIC-User-v24x/page/Con...
Hi Team,We are facing issue with ROLE_TASKADMIN where users are able to view the task list but they are not able to see dropdown to view, discontinue, complete tasks.Below is the screenshot what exactly the issue is.I am hereby attaching the feature ...
Hi,Having assigned the below features to a Manager SAV Role, users can create a delegation accordingly.However, I would like them to be able to edit any upcoming or active delegation, as per need.Let's say that :A delegation is active and ends on 1st...
Hi,I have created a technical rule for customisation, I have followed the correct steps to create it. However it is not working after user update meeting the tech rule condition.Thank you,
Hi,We have a requirement to create a SAV Role in Saviynt v23.8, so that its members can access the Analytics module to strictly perform only the following tasks:-1) View & Download V2 Analytics Reports History.2) Run only the Custom Analytics Reports...
Hi, If not assigned the SAV role_admin you cannot add a user to role, but you can add a role to a user.E.g if assigned ROLE_ADMIN_COPY which is a duplicate of role_admin when trying to add a user to a role no users are displayed to add. If you then ...
Hi,I have configured a custom Sav Role for user to have capability of 'Create New Organization' and 'Update Existing Organization'. Below are the list of features assigned to this sav role:HomeCreate_User_RequestGet_DB_Data_Runtime_AnalyticsUpdate_Us...
We have a usecase where a custom SAV role should be capable of resetting all service accounts password.I have tried using OOTB feature but it does not show all service accounts while clicking on change password for service accounts but only the ones ...
Hi Team,We want a new SAV role for monitoring purposes. We have a SAV role that is a copy of ROLE_ADMIN, and it is read-only access; however, with this role, we are not able to view the connection tab, application logs, or some other modules as well....
Endpoint AccessQuery which was working in earlier version is not working in the current version V23.11Usecase: Users having 'ROLE_MT_SERVICE_DESK' SAV Role should not be able to request for the endpoint.AccessQuery: WHERE users.userkey not in(select ...
Hi All,We have a requirement to request Admin sav role within Saviynt using ARS . Our saviynt version is V23.4. I have used a rest connector for provisioning and deprovisioning of sav roles via endpoint. It is working as expected. But when I try to r...
Hello Everyone,We are facing an issue where any user with an end user SavRole tries to access the "Manage Delegate" page an Access Denied error is thrown. They are able to navigate to the Create Delegates page via the the side panel on left with end ...
Hello, We have a requirement to create a dashboard in the control center to aid in the reporting of KPIs. We would like to create a custom SAV role that we can assign to users so that when they log in to Saviynt they can only access the specific dash...
We need a Read Only role to view/lookup data in the Identity Repository.We have been unable to get access to Individual Accounts or the Account List. To troubleshoot, we started with the ROLE_ADMIN default role and created a read only copy, but this ...
Usecase:We have End User SAV Role and Service Desk Sav Role . The End users should be able to change their password through Saviynt for Active Directory Endpoint. And End user is the basic role which all the users will be having by default.On the oth...
We have a requirement to provide read only access to few features of Admin module(viewing accounts, access, etc) and simultaneously they should also be having access to manage the analytics. I have attached the features that we have added in both the...
Hi,We have created a custom SAVRole and have done the following configuration in it - The query in HQL which we have used is this : select a from Users a where a.id in (select us.userkey from User_accounts us, Accounts cc where us.accountkey=cc.id a...
Hi everyone, I assigned my user the ROLE_UIADMIN role. Since then I'm not able to unassign roles with that user anymore in the UI. When I click "Remove User from Role" (under Admin > SAV Roles > any Role > Users), nothing happens. The Browser conso...
Hi Team,Recently our saviynt account import job(DB connection) failed with some duplicate entry error. On checking the issue, we did not find any duplicate entry. There were some timebound roles assigned to users, when the job failed it deleted all t...
Hi All,We have client requirement where we need minimum features of a SAV role that allows user to take action on any SOD Violation from SOD workbench irrespective of risk owner(like admin but just for risk).Let us know how to achieve this .Thanks,
Hi,If we need to restrict he logged in user to see only a particular set of Identities only in the ARS module for whom the logged in user can raise an access request, one of the possible solutions is to build a custom SAV Role and specify the configu...
Hi Guys, I've configured sav4sav connection, fetched all users and entitlements and created workflow to allow me request for SAV Roles which is working completely fine however when I'm trying to enforce asking for Start Date End Date while Requests f...
Hello,We want all users to be able to see all Azure AD AAD group members (i.e. Account associated with each Entitlement).Many of our users have an end user SAV ROLE that can only login and Certification, and we feel that we need to grant privileges t...
We have created a new savrole, where user should able to see all the pending and completed tasks in the system and take action on them. I have below permissions added and when user clicks on pending/completed tasks he sees "No data available". Please...
What is the possible cause that a particular SAV Role created to view request history for an application gives access to one user but when given to another does not reflect as expected.The other SAV Role for both users is End User.No difference in ac...
Hello, When I call REST API to get authorize token. it return HTTP 405 Not Allowed. But I am member of ROLE_ADMIN and it worked before. see screen shot below. I am sure the username and password is correct as I can login to Admin UI.Help please! By ...
Hi,The Use case is this :If there are multiple accounts associated with a single user and those accounts belong to different logical endpoints, then within the ARS module, is it possible to filter what all accounts a user can manage, i.e. Add Access ...
Hi, i want to create a sav role which can update the entitlement owners of a specific endpoint. This sav role should only have the ability to manage the entitlement owners through UI and all other actions should be disabled. thanks for the help in ad...
Hi Team,We have a requirement to Create 2 SAV Roles.1st SAV role will be a 'Admin Readonly' role that will allow Read only access to all the modules of saviynt.2nd Sav role will be used to provide Admins some features using which they can perform day...
Hello,We are facing an issue while creating the username using the username generation rule. Below is the advanced configuration we are usingCONCAT(LOWER(LEFT(users.firstname, 1)),LOWER(LEFT(users.middlename, 1)),LOWER(LEFT(users.lastname, 1)),LPAD(F...
Hi,Trying to create an SAV Role for updating the entitlements owners for all the endpoints. But it's displaying only one specific endpoint entitlement.No difference between the endpoint configuration.SAV Role Future Access:Any leads will be greatly a...
Would like to know separate SAV_ROLE feature access to manage service account user lifecycle. Right now, we are relying on SAV_ADMINs for managing Service accounts. We would like to create a separate role for managing (creating/deleting/updating) Ser...
Hi, now i'm adjusting SAV ROLES for Restrict ROLE_ENDUSER to minimum access as below on EICI can't find difference of feature access for show My Pending Access and Pending Certifications.ROLE_ADMIN : Can see above two values in hom page.ROLE_ENDUSER ...
We want to create an analytic to generate a report which shows which users are assigned to which SAV role. But I am unable to find any table in data analyser where SAV role name is an attribute.How can I create such an analytic?
Hello Team,Which features/web service access are necessary for an SAV role for a user who is going through APIs for getting back analytics results and creating/updating entitlements/roles? We've been trying to add these ourselves but can't find the l...
Dear community, We have created an user in Saviynt with the aim to be used with API to change user passwords. This user has been set the password by an admin account through API and we have set the localauthenabled and passwordexpired properties with...
Hi All,I created a copy of sav_role "ROLE_SAV_ENDUSER" and expected it work with similar permissions but it doesn't.For example as soon i login I get an error "Access Denied"Something I should be doing more than just copying the role?