Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Assigning Account Type During/After Account Import

Go to solution
jdfranco
New Contributor III
New Contributor III

‎04/27/2023 01:07 PM

How can we assign account type to accounts during or after the account import in bulk?

0 Kudos
7 REPLIES 7

Go to solution
NageshK
Saviynt Employee
Saviynt Employee

‎04/27/2023 01:59 PM

@jdfranco Thanks for posting your question in the forums. Please elaborate your use case with details like the target system from where the accounts are to be imported from, different account types on target and the connector you are planning to use and any other information that helps us understand the use case. 

Thanks

Nagesh K

0 Kudos

Go to solution
jdfranco
New Contributor III
New Contributor III
In response to NageshK

‎04/28/2023 08:00 AM

@NageshK , Accounts are being imported from AD, the account types are admin and service accounts and the connector is SC2.0.

The goal is to update ACCOUNTTYPE

0 Kudos

Go to solution
DixshantValecha
Saviynt Employee
Saviynt Employee
In response to jdfranco

‎05/02/2023 08:52 AM

Hi @jdfranco 

Kindly validate if the provided Solution is working for you.

Please refer this forum post as well for more info.

https://forums.saviynt.com/t5/identity-governance/how-can-we-bulk-update-quot-account-type-quot-attr...

0 Kudos

Go to solution
NageshK
Saviynt Employee
Saviynt Employee

‎05/01/2023 08:20 AM

@jdfranco I'm not sure if there is a way to do this but I've requested for this post to be moved under IGA category so that it can be looked at by the relevant teams. 

Thanks,

Nagesh K

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎05/01/2023 09:41 AM

Option 1 - Perform account import on Saviynt for Saviynt DB connection to update the account type for AD application for the accounts starts with 's-' (hope this is the naming convention for the service accounts)

Option 2 - Perform account import on Saviynt REST connection to update the account type for AD application for the accounts starts with 's-' (hope this is the naming convention for the service accounts) --> Saviynt Recommended

 

https://forums.saviynt.com/t5/identity-governance/how-can-we-bulk-update-quot-account-type-quot-attr... 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Go to solution
dgandhi
All-Star
All-Star

‎05/01/2023 06:02 PM

Solution provided on below thread.

https://forums.saviynt.com/t5/identity-governance/how-can-we-bulk-update-quot-account-type-quot-attr...

 

1. First do AD accounts import

2. Write Sav to Sav to change the account type based on your logic/requirement. Below is the sample of the Sav to Sav. You can use this as base and modify it as per your requirement.

<![CDATA[Select a.name as name, s.SYSTEMNAME as securitysystem,e.ENDPOINTNAME as endpoint,
(CASE
WHEN a.endpointkey=30 THEN 'Primary Account'
WHEN a.endpointkey=70 THEN 'Disabled Account'
WHEN a.endpointkey IN(200,210) THEN 'Service Account'
WHEN a.endpointkey IN(80,90,100,110,120) THEN 'Privileged Account'
END) as accounttypename
from Accounts a
inner join endpoints e on e.endpointkey=a.endpointkey
inner join securitysystems s on s.systemkey=e.SECURITYSYSTEMKEY
where a.endpointkey IN(30,70,130,80,90,100,110,120,200,210)]]>
</sql-query>


<mapper description="This is the mapping field for SAviynt Field name" deleteaccountentitlement="true" ifusernotexists="noaction">
<mapfield saviyntproperty="accounts.name" sourceproperty="name" type="character"></mapfield>
<mapfield saviyntproperty="accounts.accounttype" sourceproperty="accounttypename" type="character"></mapfield>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"></mapfield>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"></mapfield>
</mapper>

3. When you schedule jobs , first run the account import job and post that run your Sav to Sav DB import job.

Hope this helps!

Thanks

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

Go to solution
jdfranco
New Contributor III
New Contributor III

‎05/03/2023 07:41 AM

What we ended up doing was a custom query job on every import to update whatever is coming in on the endpoint

0 Kudos
Copyright © 2024 Khoros, LLC