Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/27/2024 06:15 AM
Hi Team,
The requirement is that we need a seperate endpoint to request a perticular AD group, which should be seperate from the orignal AD account. So I created a new connection(same as AD) and new endpoint and security system as well.
But when the account is getting created for the new endpoint, it is overwriting the orignal AD account(remove orignal groups and entitlement) but we just want the new entitlement that the new endpoint has to be added to the orignal AD account and not overwrite the entire account.
Could you please let us know if this as expected and if there is any other way to do this.
Regards,
Ayush
08/27/2024 06:19 AM
Hi @Sharma ,why didn't you went ahead with endpoints filter approach any concerns with that?
2) keep create account json empty. It is an expected behaviour if account not present it will try to create a new one.
08/27/2024 06:23 AM
Hi @NM ,
Could you guide me a little more on the endpoint filter approach. If there is any document explaining it, that would be helpful.
We did leave the create account JSON empty but what Saviynt is doing is completely blanking out the already created account.
08/27/2024 06:26 AM
@Sharma what do you mean by completely blanking out the already existed account.
For existing account it will be a modify request ideally.
08/27/2024 06:27 AM - edited 08/27/2024 06:27 AM
Doc -https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Logical-Active-Directory-Applications.html
08/27/2024 06:48 AM
Use endpoint filter concept instead of creating new endpoint
Refer https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Logical-Active-Directory-Applications.htm