Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/12/2022 01:21 PM
Hello,
Is there any place where we could get the exact XML Schema for Entitlement and Accounts import JSON in the DB connector?
I am particularly looking for all the available attributes of the <mapper> element, their possible values and what they actually do.
For example, for accounts:
The documentation is unfortunately not helpful here 😞
Solved! Go to Solution.
04/12/2022 03:05 PM
Thanks for posting this! I am working through this configuration right now and also have the same questions.
04/12/2022 03:05 PM
Hi Fabrice,
For entitlements import there is one in the mapper section:
Thanks
04/12/2022 03:05 PM
Please find below details of mapper attributes.
Mapper Attribute | Value | Definition |
accountnotinfileaction | Suspend | 1. Update an account status = "SUSPENDED FROM IMPORT SERVICE" 2. Account name updated with username + "-Deleted on-<currentdate>" Note: addOnlyMode value should not be true. |
delete | 1. Delete all entitlements of an account in SSM. 2. Delete Account and its association from a User in SSM. | |
deleteaccountentitlement | true | Delete all entitlements of an account in SSM. |
false | No action | |
ifusernotexists | Create | If account's associated user not found in SSM then create a new User. |
addOnlyMode | true | Below operation would not be allowed to perform 1) Update/Delete account's User-Account association 2) Delete all Entitlements of an account 3) Account suspension |
date | date | incrementalcolumn attribute value format would be "dd-MMM-yy" |
timestamp | incrementalcolumn attribute value format would be timestamp. |
Account and assigned entitlements import sample:
<dataMapping>
<before-import>
</before-import>
<sql-query description="This is the Source DB Query" uniquecolumnsascommaseparated="name" incrementalcolumn="updatedate" >
<![CDATA[
select * from dbaccountimport
]]>
</sql-query>
<mapper description="This is the mapping field for Saviynt Field name" ifusernotexists="create" date="timestamp">
<mapfield saviyntproperty="accounts.name" sourceproperty="accountname" type="character"></mapfield>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"></mapfield>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"></mapfield>
<mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="entitlementtype" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.entitlementvalue" sourceproperty="entitlementvalue" type="character"></mapfield>
<mapfield saviyntproperty="users.username" sourceproperty="username" type="character"></mapfield>
<mapfield saviyntproperty="accounts.status" sourceproperty="status" type="character"></mapfield>
<mapfield saviyntproperty="account_entitlements1.access" sourceproperty="securitysystem" type="character"></mapfield>
</mapper>
<after-import description="EMAIL,BATCH,SQL">
</after-import>
</dataMapping>
04/12/2022 03:05 PM
Thanks a lot Arpit and Pramor
04/12/2022 03:05 PM
Follow up question: how dows before-import and after-import work?
04/12/2022 03:05 PM
How to correlate disable account to user.We are not able to correlate inactive account to user.
04/12/2022 03:05 PM
How to disable entitlements associated with an entitlement type which no longer exists in the target DB