Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disable Account JSON in AD Connector

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:03 PM

Originally posted on October 8 2020 at 14:06 UTC

Hi,


Can we calculate current year and date in Disable AccountJSON and also format it in ddmmyyyy format to GMT timezone?


Thanks and Regards,

Rituparna Das

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
7 REPLIES 7

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 9 2020 at 05:05 UTC

Hi Rituparna,


Greetings!!


In which attribute in AD, you are trying to push such value. Are you planning to push this Value in any attribute in AD with datatype string?

Because, generally we push such values in accountExpires attribute at AD and it doesn't except such value. It is of Interval data type and expects time in nano Second interval.This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC).


A sample example Here:

"accountExpires": "${ Date today = new Date();(10000*(today.getTime() + 15552000000 + 11644473600000))}"


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 9 2020 at 05:08 UTC

Hi Anand,


Yes we have two use cases


1. Update the description field of AD with date in dd/mm/yyyy format of GMT timezone

2. Need to put an if else logic on moveusertoOU to check if it is in Jan-Apr put in A OU and for others in B OU.


Thanks and Regards,

Rituparna Das

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 9 2020 at 05:58 UTC

Hi Rituparna,


Greetings!!


You could do both things.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 9 2020 at 06:00 UTC

Hi Anand,


Can you help me with sample codes for these two please?


Appreciate your quick response.


Thanks and Regards,

Rituparna Das

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 9 2020 at 06:21 UTC

Hi Rituparna,


Greetings!!


I could help you with sample below:


"Description": "${ Date today = new Date();}"


You could write similar java in value section to return a value as per your requirement.


"moveUserToOU": "${if(user?.street.equals('US') && user?.customproperty29.equals('saviyntlabs.org'))'OU=TestContainer,DC=saviyntlabs,DC=org' else if (user?.street.equals('US') && user?.customproperty29.equals('child.saviyntlabs.org')) 'OU=TestContainer,DC=child,DC=saviyntlabs,DC=org' else if (!user?.street.equals('US') && user?.customproperty29.equals('child.saviyntlabs.org')) 'CN=Users,DC=child,DC=saviyntlabs,DC=org' else 'CN=Users,DC=saviyntlabs,DC=org'}"


Thanks & Regards,

Anand Kumar Jha


This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 12 2020 at 17:20 UTC

Hi Anand,


I have put the below config for the same use case in Disable JSON but encountering error in saviynt.


Disable Account JSON:

{

"moveUsertoOU":"(new Date().format('MM')=='01'||new Date().format('MM')=='02'||new Date().format('MM')=='03')?'OU=Q1,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='04'||new Date().format('MM')=='05'||new Date().format('MM')=='06')?'OU=Q2,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='07'||new Date().format('MM')=='08'||new Date().format('MM')=='09')?'OU=Q3,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':'OU=Q4,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com'))",

"deleteAllGroups":"No",

"userAccountControl":"514",

"description":"${user.customproperty55=='ST'?'Account Status set to Disable Term '+new Date().format('MM/dd/yyyy'):'Account Status set to Remove Term '+new Date().format('MM/dd/yyyy')}"

}


Error:

Error Disablng the Account from AD -

javax.naming.InvalidNameException: CN=Sav0108\, Pwc (pwcsav08),(new Date().format('MM')=='01'||new Date().format('MM')=='02'||new Date().format('MM')=='03')?'OU=Q1,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='04'||new Date().format('MM')=='05'||new Date().format('MM')=='06')?'OU=Q2,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='07'||new Date().format('MM')=='08'||new Date().format('MM')=='09')?'OU=Q3,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':'OU=Q4,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com')): [LDAP: error code 34 - 0000208F: LdapErr: DSID-0C090808, comment: Error processing name, data 0, v2580 ]; remaining name 'CN=Sav0108\, Pwc (pwcsav08),(new Date().format('MM')=='01'||new Date().format('MM')=='02'||new Date().format('MM')=='03')?'OU=Q1,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='04'||new Date().format('MM')=='05'||new Date().format('MM')=='06')?'OU=Q2,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':((new Date().format('MM')=='07'||new Date().format('MM')=='08'||new Date().format('MM')=='09')?'OU=Q3,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com':'OU=Q4,OU='+(new Date().format('yyyy'))+',OU=Disable Users,OU=Region-Saviynt,DC=dev,DC=company,DC=com'))'


Thanks and Regards,

Rituparna Das

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:14 PM

Originally posted on October 16 2020 at 06:02 UTC

Hi Rituparna,


Greetings!!


The conditional evaluation for moveUserToOU is not correct.

You should have conditions defined to determine a container/OU in AD for this control.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
Copyright © 2024 Khoros, LLC