Saviynt Forums

Alex_Terry · ‎04/18/2024

Hello,

Can you advise us as to what is used as the index in the accounts table?

Many Thanks

PremMahadikar · ‎04/18/2024

Hi @Alex_Terry ,

Best,
Prem Mahadikar

rushikeshvartak · ‎04/18/2024

Currently there are no indexes on accounts table

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

PremMahadikar · ‎04/18/2024

Please ignore my above response.

@rushikeshvartak , can we see indexes from Data Analyzer?

Best,
Prem Mahadikar

rushikeshvartak · ‎04/18/2024

No. I have got extract from saviynt support

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

dgandhi · ‎04/25/2024

Hi @PremMahadikar

You can view from analytics.

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

rushikeshvartak · ‎04/25/2024

This was supported on NON-EIC v5.5 its not supported anymore

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Alex_Terry · ‎04/19/2024

Hi @rushikeshvartak & @PremMahadikar, Thanks for your response. The reason I ask is as follows:

We have an EntraID endpoint with account records already populated. We were using the OOTB Entra connector. We now wish to change the connector to a REST connector so that we can import the lastsignindatetime attribute to these accounts.

To ensure that we do not import duplicate records for these accounts, in our importAccountImportEnt JSON we have set the listField as "value" and the keyField to be "accountID". See below the JSON:

{
    "accountParams": {
        "connection": "userAuth",
        "createUsers": false,
        "adminName": "admin",
        "processingType": "SequentialAndIterative",
        "statusAndThresholdConfig": {
            "deleteLinks": false,
            "accountThresholdValue": 30,
            "correlateInactiveAccounts": false,
            "inactivateAccountsNotInFile": true,
            "statusColumn": "customproperty42"
        }, 
        "call": {
            "call1": {
                "callOrder": 0,
                "stageNumber": 0,
                "http": {
                    "url": "https://graph.microsoft.com/v1.0/users?$select=id,userPrincipalName,givenName,signInActivity,lastSignInDateTime,surname,displayname,onPremisesSamAccountName,employeeId,department,onPremisesExtensionAttributes,extensionAttribute6,onPremisesSecurityIdentifier,onPremisesImmutableId,accountEnabled,employeeType",
                    "httpHeaders": {
                        "Authorization": "${access_token}"
									},
                    "httpContentType": "application/x-www-form-urlencoded",
                    "httpMethod": "GET"
						},
                "listField": "value",
                "keyField": "accountID",
                "colsToPropsMap": {
                    "accountID": "id~#~char",
                    "name": "userPrincipalName~#~char",
                    "customproperty10": "signInActivity.lastSignInDateTime~#~char",
                    "customproperty1": "givenName~#~char",
                    "customproperty2": "surname~#~char",
                    "displayname": "displayName~#~char",
                    "customproperty3": "onPremisesSamAccountName~#~char",
                    "customproperty4": "employeeId~#~char",
                    "customproperty6": "onPremisesExtensionAttributes.extensionAttribute6~#~char",
                    "customproperty18": "department~#~char",
                    "customproperty37": "onPremisesSecurityIdentifier~#~char",
                    "customproperty38": "onPremisesImmutableId~#~char",
                    "customproperty42": "accountEnabled~#~char",
                    "customproperty53": "employeeType~#~char"
								},
				"pagination": {
					"nextUrl": {
					"nextUrlPath": "${(response?.completeResponseMap?.get('@odata.nextLink')==null)? null : response?.completeResponseMap?.get('@odata.nextLink')}"
							}
						}
					}
                }
            },
    "entitlementParams": {},
    "acctEntParams": {}
}

We are able to successfully achieve this in our pre-production environment however when we implement this in our production environment we get account records created in Saviynt but with the same ID.

Can you advise?

rushikeshvartak · ‎04/19/2024

Duplicate records are created ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Alex_Terry · ‎04/24/2024

Hi @rushikeshvartak,

Yeah, during import we were seeing duplicate records being created under the accounts table as part of the same endpoint. When we identified this we paused the job and reached out to the support team to perform a database rollback to a previous instance.

rushikeshvartak · ‎04/24/2024

Try creating new endpoint and test so you can delete from UI.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Alex_Terry · ‎04/25/2024

Can you explain a bit more? If we create a new endpoint and then import accounts then we would be unable to remove these.

dgandhi · ‎04/25/2024

Create one analytics in Saviynt and run below query:

It should give you the desired result.

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

Alex_Terry · ‎05/01/2024

Hi @rushikeshvartak @dgandhi @PremMahadikar,

Are any of you able to advise on why the duplicate records are being created and what to check in the configuration to make sure that everything is configured so as to prevent this?

rushikeshvartak · ‎05/01/2024

Did you tried creating new application

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saathvik · ‎05/01/2024

@Alex_Terry : Can you share the AccountID of duplicate records? If the mapping for AccountID is different from your OOTB connector and REST Connector is different then there is a possibility of creating duplicate accounts. Make sure you have mapped same attributes to AccountID in both connectors

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Alex_Terry · ‎05/01/2024

Hi @Saathvik,

These duplicate records are no longer present in Saviynt as we performed a roll back to a previous snapshot.

Do we need to be importing the exact same number of attributes and have them mapped in the same way outside of the account ID? I assumed that given the AccountID is being mapped to the same attribute across our environments and is being used as our key field we do not need to import the other attributes and their mapping in the same way, if at all.

Saathvik · ‎05/01/2024

@Alex_Terry : No it doesn't required to have all attributes mapped in both connectors but AccountID should be mapped to same attribute of target.

By any chance would you be able to share the Account attribute mapping for Entra connector?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Alex_Terry · ‎05/01/2024

Hi @rushikeshvartak

We do not want to create a new endpoint in Saviynt. We'd just like to know:

Are there any issues that you can identify in our connection JSON that would cause the creation of duplicate account records in Saviynt?
What configurations outside of the connection JSON do we need to check to ensure that everything is configured to prevent this from happening?

rushikeshvartak · ‎05/01/2024

What is use case for not using azure connector ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Alex_Terry · ‎05/03/2024

@rushikeshvartak When using the Azure Connector if we try to import the lastsigninconnector the import job fails as it's not able to save the delta token. See these forums posts:

@Saathvik see the below code:

{"colsToPropsMap": {
		"accountID":"id~#~char",
		"name": "userPrincipalName~#~char",
		"customproperty1": "givenName~#~char",
		"customproperty2": "surname~#~char",
		"customproperty3": "onPremisesSamAccountName~#~char",
		"customproperty4": "employeeId~#~char",
		"customproperty5": "onPremisesExtensionAttributes.extensionAttribute5~#~char",
		"customproperty6": "onPremisesExtensionAttributes.extensionAttribute6~#~char",
		"customproperty8": "onPremisesExtensionAttributes.extensionAttribute8~#~char",
		"customproperty9": "onPremisesExtensionAttributes.extensionAttribute9~#~char",
		"customproperty10": "onPremisesExtensionAttributes.extensionAttribute10~#~char",
		"customproperty11": "onPremisesExtensionAttributes.extensionAttribute11~#~char",
		"customproperty12": "onPremisesExtensionAttributes.extensionAttribute12~#~char",
		"customproperty13": "onPremisesExtensionAttributes.extensionAttribute13~#~char",
		"customproperty14": "onPremisesExtensionAttributes.extensionAttribute14~#~char",
		"customproperty15": "onPremisesExtensionAttributes.extensionAttribute15~#~char",
		"customproperty17": "companyName~#~char",
		"customproperty18": "department~#~char",
		"customproperty32": "jobTitle~#~char",
		"customproperty34": "mail~#~char",
		"customproperty37": "onPremisesSecurityIdentifier~#~char",
		"customproperty38": "onPremisesImmutableId~#~char",
		"customproperty40": "userType~#~char",
		"customproperty41": "onPremisesSyncEnabled~#~bool",
		"customproperty42": "accountEnabled~#~char",
		"customproperty43": "mailNickname~#~char",
		"customproperty44": "identities~#~char",
		"customproperty45": "onPremisesDistinguishedName~#~char",
		"customproperty46": "onPremisesProvisioningErrors~#~char",
		"customproperty47": "onPremisesDomainName~#~char",
		"customproperty48": "onPremisesLastSyncDateTime~#~char",
		"displayname": "displayName~#~char",
		"customproperty50": "createdDateTime~#~char",
		"customproperty51": "lastPasswordChangeDateTime~#~char",
		"customproperty53": "employeeType~#~char"	
	}
}

Saathvik · ‎05/03/2024

@Alex_Terry : Looking at mappings I don't see any issue. It should work as it worked in your pre-production. Now it is unlikely to troubleshoot without having reference of accounts or logs. Is it reproducible in your lower environments?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Alex_Terry · ‎05/07/2024

Hi @Saathvik, when configuring this in our lower environment we did not face this issue.

rushikeshvartak · ‎05/04/2024

Please share logs

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Alex_Terry · ‎05/07/2024

Hi @rushikeshvartak, we are unable to share the logs. When we identified that duplicate account records were getting created we paused the import job and performed a database rollback.

rushikeshvartak · ‎05/07/2024

Create new applications and try json so in case of duplication you can delete application

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Saviynt Forums

Accounts Table: Index Field