Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/28/2024 04:12 AM
I am looking for best practice recommendations on how to connect and manage MS SQL Server using the DB Connector. The documentation does not give any examples at all.
From an architectural perspective, how should we map the various SQL concepts to Saviynt concepts?
- Is the security system the instance/server?
- Should the default endpoint contain server logins as accounts?
- Are database users also represented as accounts, or are they just entitlements?
- how do we typically represent other entitlement types such as server and database roles?
- Would other (child?) endpoints be created per database, with a specific set of entitlements (database users, roles etc)?
- what type should the 'entitlementType' and 'entitlementValue' fields be so that the connector will deal with them? Arrays? A hierarchy?
From a technical standpoint, the example query in the docs (select accountname,securitysystem,endpoint,entitlementtype,entitlementvalue,status from accounts) doesn't make any sense. What is this supposed to be querying? No SQL DBA will allow us to run whatever we want against the DB. We intend that the SQL DBA teams will give us a standardised set of stored procedures for every server, where we have only exec permissions on the SP (list/create/delete etc).
It seems that the below 5 parameters are mandatory so we need to tell the DBAs what to encode in the output of the SP i.e.
account,securitysystem,endpoint,entitlementtype,entitlementvalue
In the first instance we just want to do CRUD of the account, not access, so do we pass nulls to entitlementtype,entitlementvalue?
08/28/2024 07:16 AM
Import XML Query - You need to prepare as per requirement - mandatory columns are listed in documentation