Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Assign AccountName Rule as per child endpoint for Active Directory

Go to solution
PB1
New Contributor II
New Contributor II

‎04/25/2023 07:30 PM

Hello,

We have a ADSI connector connecting with 2 AD forests with 1 domain in each forest (Domain1 and Domain2).
We also have few AD based applications in Domain1.

The configuration we have for this is - a Master endpoint with Domain1 and Domain2 as child endpoint. Also App1, App2, App3 have Domain1 as parent.

Endpoint filters are defined for Domain1, App1, App2, App3 and Domain2.

Upon reconciliation we get all accounts and access in Master and also accounts for Domain1, Domain2, App1, App2, App3.

However for provisioning we want if the user requests for Domain1 entitlement, upon provisioning, as per Domain1 the create account task, which will be generated for Master endpoint should have account name rule as per Domain1.

Will the request object have this information whihc we can use in create account json or accountname rule?

Thanks!

Labels:
0 Kudos
3 REPLIES 3

Go to solution
timchengappa
Saviynt Employee
Saviynt Employee

‎04/26/2023 04:01 PM

Hi @PB1 

Please refer to the "Account Name Rule" section of the document below. It has a sample of using 'if-else' statements and generates an account name. 
Ref: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/...

You can then use the system-generated AccountName prefixed to the DN  of the AccountNameRule of the AD connector. Please see the definition of 'ACCOUNTNAMERULE" in the document below for samples...
Ref: https://docs.saviyntcloud.com/bundle/LDAP-v23x/page/Content/Understanding-the-Integration-Between-EI...

Go to solution
PB1
New Contributor II
New Contributor II

‎05/09/2023 10:52 AM

Thanks for your response.  We pulled the endpointname from the request and used it to define the accountname rule.

Go to solution
timchengappa
Saviynt Employee
Saviynt Employee

‎05/09/2023 12:24 PM

Hi @PB1 Thanks for confirming the solution.

0 Kudos
Copyright © 2024 Khoros, LLC