Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

All Accesses are Detected as Out of Band Access after access Import from Application

KK
Regular Contributor
Regular Contributor

‎10/07/2024 12:01 AM

Hi.

I found issue with Out of Band access detection.
The record of account_entitlements1 that's arstaskkey is empty will be detected as Out of Band.

Now, I have one account that have 2 entitlements.
One is assigned from application, so, arstaskkey is empty.
Other is assigned by Saviynt, so, arstaskkey is set.
In this case, the record that's arstaskkey is empty is detected as Out of Band.

select * from account_entitlements1 where accountkey=24185

KK_0-1728283729322.png

 

Now, I do re-baseline application from endpoint.

KK_1-1728283845929.png

Then, the dummy arstaskkey is set to 1st record. So, now, both records are not detected as Out of Band.

KK_2-1728283956685.png

Then, I do access import from application. Then, arstaskkey for both records are empty.

KK_3-1728284156236.png

So, both entitlements are detected as Out of Band,
This is issue because I set 1st record as NOT Out of Band by Baseline function, and 2nd record entitlement was assigned from Saviynt actually.
Both entitlements should not be detected as Out of Band.

Problem is that arstaskkey become empty by access import.
Arstaskkey should be remained after access import.

Could you check for this?

Best Regards,

Labels:
0 Kudos
5 REPLIES 5

Amit_Malik
Valued Contributor II
Valued Contributor II

‎10/07/2024 01:46 AM

@KK , we had this issue in sp3.5. It was then fixed with 3.6 hotfix.

Raise a ticket. Looks like the same bug/issue.

 

Kind Regards,
Amit Malik
If this helped you move forward, please click on the "Kudos" button.
If this answers your query, please select "Accept As Solution".
0 Kudos

rushikeshvartak
All-Star
All-Star

‎10/07/2024 06:58 AM

  • This is issue with your import.
  • Does your accentkey is changing after import or is it same ?
  • If its changing then you have issue in import
  • if accentkey is same then its known product issue fixed in latest version 24.9

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

KK
Regular Contributor
Regular Contributor

‎10/07/2024 04:34 PM

@rushikeshvartak 
Thank you.
Accentkey is changing after import.
How to fix this issue?

Best Regards,

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to KK

‎10/07/2024 08:07 PM

  • This is issue with connector configuration. 
  • You need to find why mapping is getting removed and adding back.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

KK
Regular Contributor
Regular Contributor

‎10/07/2024 11:14 PM

@rushikeshvartak 
Thank you.

I use Active Directory connection.
Which configuration of connection is wrong?

groupImportMapping is below.

{
"entitlementTypeName": "memberOf",
"importGroupHierarchy": "true",
"performGroupAccountLinking": "true",
"importnestedmembershipoutofscope": "true",
"incrementalTimeField": "whenChanged",
"groupObjectClass": "(objectclass=group)",
"entitlementOwnerAttribute": "managedBy",
"tableFieldAttribute": "accountID",
"mapping": "memberHash:member_char,customproperty1:sAMAccountType_char,customproperty20:whenCreated_date,customproperty2:instanceType_char,customproperty3:uSNCreated_char,customproperty4:groupType_char,customproperty5:dSCorePropagationData_char,customproperty12:dn_char,customproperty13:cn_char,lastscandate:whenCreated_date,customproperty15:managedBy_char,entitlement_glossary:description_char,description:description_char,displayname:name_char,customproperty9:name_char,customproperty10:objectCategory_char,customproperty11:sAMAccountName_char,entitlement_value:distinguishedName_char,entitlementid:objectGUID_Binary,customproperty14:objectClass_char,updatedate:whenChanged_date,customproperty16:memberOf_char,customproperty17:distinguishedName_char,RECONCILATION_FIELD:customproperty18,customproperty18:objectGUID_Binary,status:isCriticalSystemObject_Binary"
}

0 Kudos
Copyright © 2024 Khoros, LLC