Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/15/2023 10:17 AM - last edited on 06/15/2023 10:41 AM by Dave
I'm confused on why do we have AD account to user correlation rule both at endpoint and at a connector level ?
It will be great to know the differences between correlation rules specified at endpoint level and the one specified at connector level.
Thanks,
Ajith
Solved! Go to Solution.
06/15/2023 11:23 AM
@Ajith As far as I know, we only have the account-user correlation rule at the Endpoint level.
can you clarify what do you mean by correlation rule at the connector level?
06/16/2023 12:56 AM
I was refering to this configuration in AD Connection. After reading the description provided my understanding is that it maps LDAP account to a Saviynt user.
Can you help me to uderstand what exactly this configuration is if not used for user correlation?
06/16/2023 07:59 AM
@Ajith The connection parameter USER_ATTRIBUTE is used to map LDAP user attributes to EIC User attributes. This is used during import USERS from LDAP targets. The USER_ATTRIBUTE connection parameter is not used for the User-Account correlation.
Doc link - https://docs.saviyntcloud.com/bundle/AD-v23x/page/Content/Configuring-the-Integration-for-Importing-...
User Account Correlation Rule in the endpoint is only used for correlating users and accounts.
Regards,
Vivek Mohanty
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem
06/16/2023 08:13 AM
I think now I got this.
1. Account to user correlation is required when LDAP user accounts are imported as EIC accounts. This will be performed as per the configurations in Endpoint. If not correlated the accounts imported to EIC will be flagged orphan
2. The connection parameter USER_ATTRIBUTE will be used when LDAP user accounts are imported as EIC users. This configuration creates new users in EIC if the user does not exist.
If you can confirm please
A similar query on the connection parameter ACCOUNTNAMERULE and the Endpoint rule - Account Name Rule. Why do we need the same rule at Endpoint level and at a connection level?
Thanks,
Ajith
06/16/2023 08:18 AM
@Ajith Your last query deserves a separate forum post 🙂
If my previous response has answered your original question please click the Accept As Solution button on that reply to help future users who may have a similar problem
06/16/2023 08:20 AM
sure!
I shall raise a post a new query
Thanks,
Ajith