Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Read Only SAV Role, based on Organization.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on October 20 2020 at 19:58 UTC

Hi All,


Seeking for help and sharing my findings - SSM v5.5SP2


I'm trying to create a read only SAV role which should only allow access to Data associated to respective organization.

I created an organization, assigned endpoints, assigned the organization to new SAV Role. Assigned users SAV ROLE and the organization.


when logged as the user below is the behaviour/Issues :

  • Displaying identity's from other organizations as well
  • No Accounts and Entitlements
  • Displaying all Security Systems and No Endpoints

Please refer to the attached access details , may I please know what additional configuration am I missing


And here is the UI behaviour

The Admin menu option is available only if we add below access and bydefault lands on job control panel page which is not required

ADMIN

SUBMENU.ADMIN.flatViewJobcontrol_flatViewJobList

Please refer below screenshots , UI differences with and without enabling new UI configuration

image


image


Regards,

Raj.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.
2 REPLIES 2

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on October 27 2020 at 03:53 UTC

Hi Raj,


Accounts, Entitlements and endpoints - This are not controlled via org. This are visible for the owners, admin or if the user is part of the SAV ROLE configured ant connections.


Thanks

Ajay

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.

Community_User
Saviynt Employee
Saviynt Employee
Originally posted on October 30 2020 at 19:29 UTC

Hi Ajay

I'm able to see Accounts and Entitlements, after assigning the SAV role to connection,

What about users is there any configuration to show only the users belonging to particular organization ?

Any Idea about UI options ?


Thank you

Raj.

This message was previously posted on Saviynt's legacy forum by a community user and has been moved over to this forum for continued exposure.