Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Birthright Access for Active Directory Service accounts

aundreb
Regular Contributor II
Regular Contributor II

Hello,

 

Is it possible to assign roles/entitlements automatically to a service account created through the manage service account module after creation? Doesn't look like you can achieve this through technical rules.

I have the use case where a generic service account would need to assign a set of entitlements or role and for a kiosk service account would need to assign a set of entitlments or role. 

Is it also possible to create multiple service account types? The default I see is ServiceAccount

 

Thanks,

Aundre

5 REPLIES 5

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @aundreb 

You can assign roles/entitlements automatically to only users via user update rules . So for service accounts there is no way to automatically assign the entitlements

( You can tag it for a dummy user to achieve the use case- if that is okay, if not then you can use Default action for analytics to get entitlements assigned as well ).

Coming to create multiple account types, manage service account is a tile and you can create/manage all account types in the tile. ( make sure account types are already present for one account to show up in the tile ). You have to mention those account types in endpoint under the field service account types.

 

Thanks

Darshan

aundreb
Regular Contributor II
Regular Contributor II

 Hi Darshan,

Can you elaborate on using analytics to accomplish this? Is there a guide I can take a look at?

 

For the account types, I don't see anywhere to create a new account type when I click on manage service accounts on the home screen. It just has the checkout process to create a service account. Do you have a screenshot of what it looks like/where it is?

Thanks,

Aundre

Hi @aundreb 

You can go through the below doc for analytics

https://docs.saviyntcloud.com/bundle/EIC-Admin-v2020x/page/Content/Chapter17-EIC-Analytics/Configuri....

 

For Account types, once u click on Manage service accounts, next page you may need to select the endpoint, once you select the endpoint you will be on a page like below where you may need to select a accounttype,account name , etc etc

Darshanjain_0-1678467207592.png

Now for the account type to selected, you need to have it configured in the endpoint page.

in Endpoint page to configure ( These values have to be updated to atleast one account in account type then only it will be shown in Endpoint page )

Darshanjain_1-1678467267898.png

 

For more details on Service account management you can check the below link.

https://docs.saviyntcloud.com/bundle/EIC-Admin-v2021x/page/Content/Chapter04-Application-Management-...

 

Thanks

Darshan

aundreb
Regular Contributor II
Regular Contributor II

Thanks Darshan, I'll review that analytic.

For the Service Account type, I see that portion in the endpoint to select a Service Account Type, however it does not let you configure a new one on the endpoint(see below screenshot). I'm looking to create a new one for this endpoint, how do you do that? The documentation isn't clear.

 

aundreb_0-1678469581103.png

 

You can configure Type of account only when there is any other type of account exist on that endpoint.

If you expect other type of accounts later point but don't have now. Then you can import some dummy accounts one per each type you are expecting to show to this endpoint using upload option and then you can configure this field 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.