Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD account to user correlation - at endpoint and at connector level

Go to solution
Ajith
New Contributor III
New Contributor III

‎06/15/2023 10:17 AM - last edited on ‎06/15/2023 10:41 AM by Community Manager

I'm confused on why do we have AD account to user correlation rule both at endpoint and at a connector level ?
It will be great to know the differences between correlation rules specified at endpoint level and the one specified at connector level.

5.5 SP 5.x 

Thanks,
Ajith

5.5 SP 5.x
Thumbnail of 5.5 SP 5.x
5.5 SP 5.x
Version
Labels:
0 Kudos
6 REPLIES 6

Go to solution
vivekmohanty_pm
Saviynt Employee
Saviynt Employee

‎06/15/2023 11:23 AM

@Ajith As far as I know, we only have the account-user correlation rule at the Endpoint level.

can you clarify what do you mean by correlation rule at the connector level?

0 Kudos

Go to solution
Ajith
New Contributor III
New Contributor III
In response to vivekmohanty_pm

‎06/16/2023 12:56 AM

AD_Connection_UserAttribute_Config.JPG

 

 

 

 

 

I was refering to this configuration in AD Connection. After reading the description provided my understanding is that it maps LDAP account to a Saviynt user.

Can you help me to uderstand what exactly this configuration is if not used for user correlation?

 

0 Kudos

Go to solution
vivekmohanty_pm
Saviynt Employee
Saviynt Employee

‎06/16/2023 07:59 AM

@Ajith The connection parameter USER_ATTRIBUTE is used to map LDAP user attributes to EIC User attributes. This is used during import USERS from LDAP targets. The USER_ATTRIBUTE connection parameter is not used for the User-Account correlation.
Doc link - https://docs.saviyntcloud.com/bundle/AD-v23x/page/Content/Configuring-the-Integration-for-Importing-...

User Account Correlation Rule in the endpoint is only used for correlating users and accounts.

Doc link - https://docs.saviyntcloud.com/bundle/EIC-Admin-v2022x/page/Content/Chapter02-Identity-Repository/Bef...

Regards,
Vivek Mohanty
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem

Go to solution
Ajith
New Contributor III
New Contributor III

‎06/16/2023 08:13 AM

I think now I got this.
1. Account to user correlation is required when LDAP user accounts are imported as EIC accounts. This will be performed as per the configurations in Endpoint. If not correlated the accounts imported to EIC will be flagged orphan

2. The connection parameter USER_ATTRIBUTE will be used when LDAP user accounts are imported as EIC users. This configuration creates new users in EIC if the user does not exist.

If you can confirm please
A similar query on the connection parameter ACCOUNTNAMERULE and the Endpoint rule - Account Name Rule. Why do we need the same rule at Endpoint level and at a connection level?

Thanks,

Ajith

Go to solution
vivekmohanty_pm
Saviynt Employee
Saviynt Employee
In response to Ajith

‎06/16/2023 08:18 AM

@Ajith Your last query deserves a separate forum post 🙂

If my previous response has answered your original question please click the Accept As Solution button on that reply to help future users who may have a similar problem

Go to solution
Ajith
New Contributor III
New Contributor III

‎06/16/2023 08:20 AM

sure!
I shall raise a post a new query

 

Thanks,
Ajith

0 Kudos
Copyright © 2024 Khoros, LLC