Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

ADSI Unlock Account JSON

ReshamDas
Regular Contributor
Regular Contributor

Hi,

In AD connection config, we have one option for UNLOCKACCOUNTJSON, through which the 'Unlock Account' tasks can be handled.

However, on the ADSI connection config window or the ADSI documentation, we are unable to find any such JSON specific for unlocking accounts. 'Unlock Account' tasks can be triggered from the 'Change Account Password for Self'/'Reset Account Password for Others' page on Saviynt UI.

We tried by adding the below config on the STATUS_THRESHOLD_CONFIG json:-

{
"statusAndThresholdConfig": {
"statusColumn": "customproperty38",
"activeStatus": [
"512",
"544",
"66048",
"4096",
"66080",
"197120",
"2687488",
"590336",
"1114624",
"2097664",
"2163200",
"4194816",
"4260352",
"16843264"
],
"inactiveStatus": [
"546",
"514",
"66050",
"4098",
"66082",
"328194",
"66178",
"590338",
"1114626",
"2163202",
"16843266"
],
"deleteLinks": true,
"accountThresholdValue": 500,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"lockedStatusColumn": "customproperty38",
"lockedStatusMapping": {
"Locked": [
"546"
],
"Unlocked": [
"512"
]
}
}
}

However, this seems to be not working, as we see the following error message on trying to run WSRETRY on the 'Unlock Account' task generated:- "No mapping found for the connectionType ADSI in connectionTypeToServiceMap. UnLockAccount failed in target as no available connector service was found."

Kindly help to let us know how can unlocking accounts be achieved in ADSI connection.

6 REPLIES 6

rushikeshvartak
All-Star
All-Star
  • Don't you have lock/unlock json block in connector ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

No

You need to use enable/disable action under endpoint  and its there in connector also

rushikeshvartak_0-1726671218205.png

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

We already have ENABLEACCOUNTJSON and DISABLEACCOUNTJSON configured and working fine for the 'Enable Account' and 'Disable Account' tasks.

However, there exists an 'UNLOCK' button of the 'Change Account Password for Self'/'Reset Account Password for Others' pages, which on click is triggering 'Unlock Account' tasks:-

ReshamDas_0-1726672026326.png

Task:-

ReshamDas_1-1726672052090.png

So, we wanted guidance on how this task can be provisioned, as there is no separate config json block on the ADSI connector.

It seems code issue its looking for unlock json please raise support ticket


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

ReshamDas
Regular Contributor
Regular Contributor

Saviynt Support suggested to raise idea for this case, so raised this idea.