Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

AD account rename

asp
Regular Contributor II
Regular Contributor II

Hi all,

We need to update the user's AD sAMAccountName, when their firstname/lastname changes in the source system. I can create a 'user update rule' to check if there is a name change, but how do I call the 'account name rule' on the AD endpoint to trigger the re-calculation of the new AD account name (sAMAccountName) that is based on the user's new firstname/lastname? Is there a way to handle this in the 'updateAccountJSON' for AD?  This would be the user's regular AD account (not service accounts). 

Thanks!

6 REPLIES 6

dgandhi
All-Star
All-Star

Hi @asp 

Can you define that logic in update account JSON if that helps to meet your use case?

"samaccountname": "${user.firstname} - ${user.lastname}", 

Thanks

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

asp
Regular Contributor II
Regular Contributor II

I can, but how do I check for uniqueness within the update account JSON?  I will need to make sure that 'firstname-lastname' is not already in use. 

rushikeshvartak
All-Star
All-Star

If you change sAMAccountName it will also change DN isn't it ? what is your current account name  & account id field mapped to AD Attribute in Saviynt


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

IAM-VP
New Contributor
New Contributor

Hi @rushikeshvartak ,

sAMAccountName calculate separately and DN contains CN value, would it still modify sAMAccountName and In which case it will modify?

Sunanda_Bishnoi
Saviynt Employee
Saviynt Employee

Hi,

Please do mapping for samaccountnamein updateaccountjson and that should do the trick, e.g 

"sAMAccountName": "${user.firstname} ${user.lastname}",

then let's say user's firstname and lastname are f1 and l1 initially then samaccountname was formed as f1 l1. Now, you updated the firstname to f2 then once the user update rule triggers the update account task it will update samaccountname to f2 l1.

Once you run the AD import, this will get reflected in Saviynt as well.

Thanks,

Sunanda Bishnoi

asp
Regular Contributor II
Regular Contributor II

How do I check for samaccountname uniqueness in updateaccountjson?  What if f2 l1 is already taken?