Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Import User via AD connection not updating user fields

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 01:03 PM

Originally posted on September 25 2020 at 14:27 UTC

Hello, I'm trying to update users in SSM via their Active Directory accounts after they are provisioned. The users email address and phone numbers are assigned after the AD account is created and I would like to sync their email and phone number attributes back to SSM for their user,


Please let me know what I am missing. In the UserImportJob, I select the following:

Import from SaviyntConnect: No

External Connection : Active Directory

Allow User Operation : Update Only

Zero Day Provisioning : No

Generate User Email : No

Build Users Cache Map: Yes

Job Type : Full Import (have also tried Incremental)

User Not In Feed Action : No Action

Generate system username : No

Check rules: No

Zero Day Limit : not configured

Reconciliation Field : EmployeeID (also have tried Username)

Add SAV Role : not configured

Status Config: not configured


I have found this other topic, https://saviynt.freshdesk.com/support/discussions/topics/43000524458, but the details are sparse in the answer on how to configure the ImportUserJob to make sure I only want certain fields updated (not necessarily all).


Just in case, I have populated the UPDATEUSERJSON, but apparently doesn't work for what I'm trying to do according to the above topic. Not sure when UPDATEUSERJSON would ever be used, if that's the case...


UPDATEUSERJSON:

{
"mail": "${user.email},"
"mobile": "${user.phonenumber}",
}

End result is, I do not see fields updated and not sure where in the logs to look...

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
6 REPLIES 6

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on September 28 2020 at 13:12 UTC

Hi Jeremy,


Please define mapping under action " USER_ATTRIBUTE " for user import. Kindly refer the AD conenctor documentation for mapping.


THanks

Ajay

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on September 28 2020 at 13:30 UTC

Here is the mapping that's in place. I've had this populated, but I'm still not seeing user fields updated from Active Directory.
[username::employeeid#String,
customproperty20::distinguishedname#String,
ENDDATE::accountexpires#millisec,
CREATEDATE::whencreated#date,
UPDATEDATE::whenchanged#Date,
employeeid::employeeid#String,
email::mail#String,
RECONCILATION_FIELD::employeeid]

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on September 29 2020 at 10:25 UTC

Hi Jeremy,


Greetings!!

I have some questions here:

1) What is the version of SSM you are using?

2) What is the status of User Import, Please attach the debugLogs.

3) Which attribute(s) has been updated which you are not able to see in SSM post import.


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on September 29 2020 at 11:42 UTC

Hey Anand, thanks for the reply. I was able to work with our implementation partner to get it resolved. I had copied fields from the documentation for the AD connector. Reconciliation was misspelled and I did not notice it. However, even after correcting it it did not work. But, they had me remove "RECONCILATION_FIELD::employeeid" from USER_ATTRIBUTE entirely and let the reconciliation field on the job be the default, which is "USERNAME" and now it is working.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on September 29 2020 at 11:59 UTC

Hey Jeremy,


Great to hear that.


Cheers!!


Thanks & Regards,

Anand Kumar Jha

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos

Go to solution
Community_User
Saviynt Employee
Saviynt Employee

‎04/12/2022 02:16 PM

Originally posted on October 29 2020 at 04:57 UTC

Hey Anand,


Can i restrict to update only specific user attributes to be update based on a condition from AD Import (USER_ATTRIBUTE)?


Regards,

Satish Jogi

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
0 Kudos
Copyright © 2024 Khoros, LLC