Click HERE to see how Saviynt Intelligence is transforming the industry. |
04/08/2024 09:14 AM - edited 04/08/2024 09:32 AM
we are creating BR roles using technical rules but we want to add only those users who have a account at endpoint. Any new users who's account is not existing should be omitted even if User matches the tech rule. if his account is created on later date User should add to role and get provisioned to groups in role. is there a way to achieve this without using a custom property update at identity level
Solved! Go to Solution.
04/08/2024 01:14 PM - edited 04/08/2024 01:15 PM
You can join to accounts table in advanced query
04/09/2024 02:01 AM
Hi @Sbachu ,
Provisioning rules allow you to use different tables , other than users. Here is Saviynt document for same : https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Obtaining-the-attribute-details-from-tables-o...
Above doc has the tables and the format to use those.
Also Forum doc : https://forums.saviynt.com/t5/saviynt-knowledge-base/advanced-usage-of-eic-identity-objects-in-provi...
Thanks, Amit
If this answers your query, Please ACCEPT SOLUTION and give KUDOS.
04/09/2024 02:49 AM
HI @Sbachu ,
You can use advanced query in your technical for conditions and there you can use accounts, user_accounts table to check whether user have account on the endpoint or not. Below is the sample advance query for the rule.
a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('<endpoint name here>','<provide endpoint name here>'))
04/09/2024 09:07 AM
Thank you so much @pmahalle i am testing this. can you please elaborate this query to include of if customproperty8 contains 'xxxxxx' we have this CP8 update for each user and when trying to include this in query i am getting invalid condition.
04/09/2024 09:08 AM
Please share query
04/09/2024 09:25 AM
Users.customproperty8 like '%xxxxxxx%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))
04/09/2024 09:27 AM
a.customproperty8 like '%xxxxxxx%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))
04/09/2024 09:13 AM
if (Users. customproperty8 = 'xxxxxxx') and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))
we are using supervisor ID in XXXXX
04/09/2024 09:24 AM
Users.customproperty8 like '%1001001146%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))
04/09/2024 09:24 AM
if (a.customproperty8 = 'xxxxxxx') and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))
04/09/2024 10:27 AM
Thank you so much @rushikeshvartak
04/09/2024 10:33 AM
Please click the 'Accept As Solution' button on the reply (or replies) that best answered your original question.
04/09/2024 10:35 AM
The solution you suggested works @rushikeshvartak