Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/18/2024 06:15 AM
Hi,
In AD connection config, we have one option for UNLOCKACCOUNTJSON, through which the 'Unlock Account' tasks can be handled.
However, on the ADSI connection config window or the ADSI documentation, we are unable to find any such JSON specific for unlocking accounts. 'Unlock Account' tasks can be triggered from the 'Change Account Password for Self'/'Reset Account Password for Others' page on Saviynt UI.
We tried by adding the below config on the STATUS_THRESHOLD_CONFIG json:-
{
"statusAndThresholdConfig": {
"statusColumn": "customproperty38",
"activeStatus": [
"512",
"544",
"66048",
"4096",
"66080",
"197120",
"2687488",
"590336",
"1114624",
"2097664",
"2163200",
"4194816",
"4260352",
"16843264"
],
"inactiveStatus": [
"546",
"514",
"66050",
"4098",
"66082",
"328194",
"66178",
"590338",
"1114626",
"2163202",
"16843266"
],
"deleteLinks": true,
"accountThresholdValue": 500,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"lockedStatusColumn": "customproperty38",
"lockedStatusMapping": {
"Locked": [
"546"
],
"Unlocked": [
"512"
]
}
}
}
However, this seems to be not working, as we see the following error message on trying to run WSRETRY on the 'Unlock Account' task generated:- "No mapping found for the connectionType ADSI in connectionTypeToServiceMap. UnLockAccount failed in target as no available connector service was found."
Kindly help to let us know how can unlocking accounts be achieved in ADSI connection.
09/18/2024 07:44 AM
09/18/2024 07:50 AM
No
09/18/2024 07:53 AM
You need to use enable/disable action under endpoint and its there in connector also
09/18/2024 08:09 AM
We already have ENABLEACCOUNTJSON and DISABLEACCOUNTJSON configured and working fine for the 'Enable Account' and 'Disable Account' tasks.
However, there exists an 'UNLOCK' button of the 'Change Account Password for Self'/'Reset Account Password for Others' pages, which on click is triggering 'Unlock Account' tasks:-
Task:-
So, we wanted guidance on how this task can be provisioned, as there is no separate config json block on the ADSI connector.
09/18/2024 08:38 AM
It seems code issue its looking for unlock json please raise support ticket
09/19/2024 10:20 AM - edited 09/19/2024 10:20 AM
Saviynt Support suggested to raise idea for this case, so raised this idea.