Announcing the SAVIYNT KNOWLEDGE EXCHANGE unifying the Saviynt forums, documentation, training, and more in a single search tool across platforms. Click HERE to read the Announcement.

Azure AD DirectoryRole Review

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 28 2020 at 19:56 UTC

Does anyone know how I would setup a filter in a User Manager Review to only review entitlements from Azure AD that are of the type DirectoryRole?


I'm thinking this should be able to be done using the Entitlements Query section in the campaign. I can't figure out what the filter should look like though. It appears that all entitlements have "Entitlement Type" as a field, is it possible to setup a filter that only shows entitlements of a certain type?


This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
3 REPLIES 3

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 28 2020 at 20:43 UTC

You can check the certifiable flag under Security Systems > Endpoints > Entitlement Type to consider only those specific entitlements for certification.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 28 2020 at 20:53 UTC

Thank you! That make this much simpler.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on September 28 2020 at 22:56 UTC

Hi Adam


As you mentioned to create a campaign, you can also write a query for the same. Under Configuration > Select Certifier > Select from manual Query > Query> (Mention who wants to certify this)


Under Advanced Campaign configuration > Users Query> (Mention whom do we want to certify for eg. users that have entitlements of the type Directory Role from Azure AD.

"select username from users where entitlement type /role type would be like Directory Role here".


You can look at the Role query/ Entitlement Query section from the below link - https://saviynt.freshdesk.com/support/solutions/articles/43000492071-creating-user-manager-campaigns...


However this would be the solution to your original question. The solution that Avinash Provided looks much simpler to me.



This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.