We have below use case and need some understanding if actionable analytics can help us here or not?
We have already read the FD Document but it does not has all the details : Configuring Allowed Actions (saviyntcloud.com)
Use Case :
We have AD as a target system configured in environment. For some users we found out that there is the discrepancy on Saviynt User Profile Department information with respect to AD Account Department Information.
Currently we have configured a update account rule to update the department, via file based import by updating 1 of the CP value, which in turns trigger update account task for AD and data get sync.
Assistance Required :
We were trying to explore the actionable analytics feature - Update Account.
We are unable to understand, how can we make the admin to update this CP value on Saviynt User Profile Data so that the update account task on AD get triggered via Rule.
Please share some thoughts on this.
Solved! Go to Solution.
You can try to use following actionable query to update the accounts, this should create the update account tasks -
select a.ACCOUNTKEY as 'acctKey', u.USERNAME, a.name as 'Account Name', ep.ENDPOINTNAME as 'End Point Name', 'Update Account' AS Default_Action_For_Analytics from users u left join accounts a on u.username = a.name left join endpoints ep on a.ENDPOINTKEY = ep.ENDPOINTKEY where ep.endpointkey = <ADendpoinkey> and u.username in ('<username>')
If this is one time activity then please update the value on user profile via CSV.
Create one corresponding user updating rule and action for that rule will be update account task.
Once the task are processed and data between your AD and User profile is in sync, disable that user update rule.
Many thanks for the response.
I was able to achieve the use case as below :
1. Wrote below query :
A.accountkey as acctKey,
E.ENDPOINTKEY as endpointkey,
A.NAME AS 'APPLICATION ACCOUNT NAME',
U.USERNAME AS 'USERNAME',
CASE WHEN U.STATUSKEY IS NULL THEN 'NOT AVAILABLE' WHEN U.STATUSKEY = 0 THEN 'INACTIVE' WHEN U.STATUSKEY = 1 THEN 'ACTIVE' ELSE U.STATUSKEY END AS 'USER STATUS',
CASE WHEN A.STATUS IS NULL THEN 'NOT AVAILABLE' WHEN A.STATUS = 1 THEN 'ACTIVE' ELSE A.STATUS END AS 'ACCOUNT STATUS',
U.CUSTOMPROPERTY11 AS 'CP11 - USER DEPARTMENT VALUE',
A.CUSTOMPROPERTY7 AS 'CP7 - ACCOUNT DEPARTMENT VALUE',
E.DISPLAYNAME AS 'APPLICATION DISPLAY NAME',
CASE WHEN U.CUSTOMPROPERTY11 != A.CUSTOMPROPERTY7 THEN 'DEPARTMENT MISMATCH' ELSE 'No Issues' END
) AS 'COMPARISON RESULT'
A.ACCOUNTKEY = UA.ACCOUNTKEY
AND U.USERKEY = UA.USERKEY
AND A.ENDPOINTKEY = E.ENDPOINTKEY
AND E.SECURITYSYSTEMKEY = S.SYSTEMKEY
AND U.STATUSKEY = 1
AND E.STATUS = 1
AND E.ENDPOINTKEY = 2
AND A.STATUS IN (1, 'MANUALLY PROVISIONED')
AND U.USERNAME NOT IN ('ADMIN', 'AWSADMIN')
AND U.CUSTOMPROPERTY11 != A.CUSTOMPROPERTY7
2. In Allowed actions we have set update account task.
This is working as expected.