Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

After completion of user requested application they need to get AD access automatically

Ramana
New Contributor II
New Contributor II

‎03/26/2023 12:26 AM

Hi Team,

We had a requirement that once user request a application after submitting it they the task will be generated. Once we run the provisioning job the task gets complete the application will be assigned to him. Here after we need to give him the AD access.

Once the application assigned to the user automatically the AD access need to be given.

I tried to use technical rule but its depand on user attribute side the rule will trigger 

So how can we achive this issue, please let me know anyone is aware of this one 

 

Thanks,

Ramana Muriki

Labels:
0 Kudos
4 REPLIES 4

sudeshjaiswal
Saviynt Employee
Saviynt Employee

‎03/26/2023 11:28 AM

Hello @Ramana 

Ensure the action must be defined in the technical rule to create the account for the AD endpoint and assign the group. If this is not done, no tasks will be generated for the user.

Both the account creation and group addition actions should be kept, as shown in the screenshot below.

sudeshjaiswal_0-1679855034437.png

Ref: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter05-Policies/Creating-Technic... 

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".
0 Kudos

amit_krishnajit
Saviynt Employee
Saviynt Employee

‎03/26/2023 09:01 PM

You may want to use Entitlement Map. For the requested application entitlements, map the AD groups in the entitlement map. After approval, when the tasks are created for the requested application entitlement, the tasks for AD groups would also be created and provisioned.

 

If you want to explicitly create tasks for AD groups after the tasks for the request application entitlements are completed, then you may use actionable analytics which would trigger add access for the AD groups. In the SQL query in analytics, you would determine any requests which were completed and tasks completed, you can trigger AD groups provisioning for such records. 

 

Thanks,
Amit
0 Kudos

Ramana
New Contributor II
New Contributor II
In response to amit_krishnajit

‎03/27/2023 05:17 AM

Hi Amit,

I mapped the AD group to all requested application.
I requested the application which is maped to AD group but still not able to see the ad task created

 

Thanks,

Ramana Muriki

0 Kudos

amit_krishnajit
Saviynt Employee
Saviynt Employee
In response to Ramana

‎03/28/2023 01:18 AM

Could you please share a screenshot of the Entitlement Map? Also, please make sure that the Request-Option for the AD Group entitlement type is set to something other than None (e.g., None(Create Task), Table, etc.) 

 

Thanks,
Amit
0 Kudos
Copyright © 2024 Khoros, LLC