Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Add to role only if account exist at endpoint

Sbachu
New Contributor II
New Contributor II

we are creating BR roles using technical rules but we want to add only those users who have a account at endpoint. Any new users who's  account is not existing should be omitted even if User matches the tech rule. if his account is created on later date User should add to role and get provisioned to groups in role. is there a way to achieve this without using a custom property update at identity level

13 REPLIES 13

rushikeshvartak
All-Star
All-Star

You can join to accounts table in advanced query

Refer https://forums.saviynt.com/t5/saviynt-knowledge-base/advanced-usage-of-eic-identity-objects-in-provi...


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

AmitM
Valued Contributor
Valued Contributor

Hi @Sbachu , 

Provisioning rules allow you to use different tables , other than users. Here is Saviynt document for same : https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Obtaining-the-attribute-details-from-tables-o...

Above doc has the tables and the format to use those.

Also Forum doc : https://forums.saviynt.com/t5/saviynt-knowledge-base/advanced-usage-of-eic-identity-objects-in-provi...

Thanks, Amit

If this answers your query, Please ACCEPT SOLUTION and give KUDOS.

pmahalle
All-Star
All-Star

HI @Sbachu ,

You can use advanced query in your technical for conditions and there you can use accounts, user_accounts table to check whether user have account on the endpoint or not. Below is the sample advance query for the rule.

a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('<endpoint name here>','<provide endpoint name here>'))

pmahalle_1-1712656141383.png

 


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

Sbachu
New Contributor II
New Contributor II

Thank you so much @pmahalle  i am testing this. can you please elaborate this query to include of if customproperty8 contains 'xxxxxx' we have this CP8 update for each user and when trying to include this in query i am getting invalid condition. 

Please share query


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Users.customproperty8 like '%xxxxxxx%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))

a.customproperty8 like '%xxxxxxx%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Sbachu
New Contributor II
New Contributor II

if (Users. customproperty8 = 'xxxxxxx') and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1')) 

 

we are using supervisor ID in XXXXX

Sbachu
New Contributor II
New Contributor II

Users.customproperty8 like '%1001001146%' and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1'))

if (a.customproperty8 = 'xxxxxxx') and a.statuskey=1 and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname in ('Aloy_AD_SaviyntPOC_Test1','Aloy_AD_SaviyntPOC_Test1')) 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Thank you so much @rushikeshvartak 

Please click the 'Accept As Solution' button on the reply (or replies) that best answered your original question.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

The solution you suggested works @rushikeshvartak