Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

AD Group creation via Saviynt

SirishaP
New Contributor II
New Contributor II
Hi,
 
When attempting to create an ADSI Group via Saviynt manageBy value in AD group is not getting updated, In Saviynt we can see owner being set 

This the syntax we are using -

Any changes to be made to Syntax?

 
GroupImportMapping
{
"importGroupHierarchy": "true",
"entitlementTypeName": "memberOf",
"performGroupAccountLinking": "true",
"groupObjectClass": "(objectclass=group)",
"mapping": "memberHash:member_char,customProperty1:samaccounttype_char,customProperty2:instancetype_char,customProperty3:usncreated_char,customProperty4:grouptype_char,customProperty5:dscorepropagationdata_char,customProperty12:dn_char,customProperty13:cn_char,lastscandate:whencreated_date,customProperty15:managedby_char,entitlement_glossary:description_char,description:description_char,displayname:name_char,customProperty9:name_char,customProperty10:objectcategory_char,customProperty11:samaccounttype_char,entitlement_value:distinguishedname_char,entitlementid:objectguid_binary,customProperty14:objectclass_char,updatedate:whenchanged_date,customProperty17:distinguishedname_char,RECONCILATION_FIELD:entitlementid",
"entitlementOwnerAttribute": "managedby",
"tableFieldAttribute": "customproperty32"
}
 
CREATEGROUPJSON
{
"objects": [
{
"objectClasses": [
"group"
],
"baseDn": "${role.customproperty24}",
"attributes": {
"cn": "${role?.customproperty26}",
"name": "${role?.displayname}",
"description": "${role?.description}",
"displayName": "${role?.displayname}",
"groupType": "-2147483640",
""managedBy": "${ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11)!=null && ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).size()>0?ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).get(0)?.name:null}",
"mailnickname": "${role?.customproperty26}@XXX.com"
}
}
]
}
 
UPDATEGROUPJSON
{ "objects":
[
{ "objectClasses": [ "group" ],
"distinguishedName": "${role.role_name}",
"attributes": { "description": "${role?.description}",
"managedBy": "${ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11)!=null && ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).size()>0?ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).get(0)?.name:null}"
}
}
]
}
 
 
3 REPLIES 3

NM
Honored Contributor III
Honored Contributor III

@SirishaP try this 

{

"objects": [

{

"objectClasses": [

"group"

],

"baseDn": "${role.customproperty24}",

"attributes": {

"cn": "${role?.customproperty26}",

"name": "${role?.displayname}",

"description": "${role?.description}",

"displayName": "${role?.displayname}",

"groupType": "-2147483640",

"managedBy": "${ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11)!=null && ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).size()>0?ownerAccountListMap.get(allOwnerList.get(0)?.userkey.customproperty11).get(0)?.name:null}",

"mailnickname": "${role?.customproperty26}@XXX.com"

}

}

]

}

SirishaP
New Contributor II
New Contributor II

Hi @NM 

Thanks for the response

We have tried the above syntax, it didn't work either

"managedBy": "${ownerAccountListMap.get(allOwnerList.get(0)?.userkey.username)!=null && ownerAccountListMap.get(allOwnerList.get(0)?.userkey.username).size()>0?ownerAccountListMap.get(allOwnerList.get(0)?.userkey.username).get(0)?.name:null}"

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.