Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/23/2024 11:14 AM - edited 08/26/2024 07:55 AM
Hello,
We have a situation for a user manager certification and are facing the following scenarios:
Scenario 1: When the certification is configured to ignore account (ignore account without entitlements set to Yes), the certification when launched directly moves to completion state.
Scenario 2: When ignore account without entitlement is set to No, the certification does not pick entitlements up when launched.
Does anyone have any insight on why this happens?
08/23/2024 11:18 AM
08/26/2024 04:12 PM
Seeing the below error in logs:
- config is pretty basic, filtering on a particular security system, objects included entitlements, tried with adding accounts, produces same result
- has a default certifier, and we are including all certifier
only thing we are changing is :
"ERROR","Error in fetching userAccessExpirydetails :: {}|java.lang.IllegalArgumentException: org.hibernate.hql.internal.ast.QuerySyntaxException: RoleUserAccount is not mapped [select distinct new Map (r.id as id, r.roleName as name, rua.enddate as expiryDate, 'Roles' as accessType) from com.saviynt.ssm.entity.Roles r, RoleUserAccount rua where r.id = rua.rolekey and r.status = 1 and rua.enddate is not null and rua.userkey = :userkey and rua.startdate between :startDate and :endDate]| at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:138) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:188) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:757) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:114) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) ~[na:na]|Caused by: org.hibernate.hql.internal.ast.QuerySyntaxException: RoleUserAccount is not mapped [select distinct new Map (r.id as id, r.roleName as name, rua.enddate as expiryDate, 'Roles' as accessType) from com.saviynt.ssm.entity.Roles r, RoleUserAccount rua where r.id = rua.rolekey and r.status = 1 and rua.enddate is not null and rua.userkey = :userkey and rua.startdate between :startDate and :endDate]| at org.hibernate.hql.internal.ast.QuerySyntaxException.generateQueryException(QuerySyntaxException.java:79) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.QueryException.wrapWithQueryString(QueryException.java:103) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.ast.QueryTranslatorImpl.doCompile(QueryTranslatorImpl.java:220) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.ast.QueryTranslatorImpl.compile(QueryTranslatorImpl.java:144) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.engine.query.spi.HQLQueryPlan.<init>(HQLQueryPlan.java:112) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.engine.query.spi.HQLQueryPlan.<init>(HQLQueryPlan.java:73) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]|Caused by: org.hibernate.hql.internal.ast.QuerySyntaxException: RoleUserAccount is not mapped| at org.hibernate.hql.internal.ast.util.SessionFactoryHelper.requireClassPersister(SessionFactoryHelper.java:170) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.ast.tree.FromElementFactory.addFromElement(FromElementFactory.java:91) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.ast.tree.FromClause.addFromElement(FromClause.java:77) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.ast.HqlSqlWalker.createFromElement(HqlSqlWalker.java:334) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.antlr.HqlSqlBaseWalker.fromElement(HqlSqlBaseWalker.java:3782) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]| at org.hibernate.hql.internal.antlr.HqlSqlBaseWalker.fromElementList(HqlSqlBaseWalker.java:3671) ~[hibernate-core-5.6.15.Final.jar!/:5.6.15.Final]|
"2024-08-26T14:53:08.110+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Certification certkey 7441 is not attached.. attaching back to session"
"2024-08-26T14:53:08.110+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","deleting certification 7441"
"2024-08-26T14:53:07.149+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","campaignuserbatchcount = 100"
"2024-08-26T14:53:07.149+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG",""
"2024-08-26T14:53:07.177+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","populating data for manager-3495 and advUserList size=0"
"2024-08-26T14:53:07.178+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","userList size=1"
"2024-08-26T14:53:07.178+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Batch size configured for SA/UM campaign populating certification data 100"
"2024-08-26T14:53:07.180+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","tempAdvAccountList===0"
"2024-08-26T14:53:07.181+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","total account list 0 "
"2024-08-26T14:53:07.181+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Processing account 0 to 1 of 1"
"2024-08-26T14:53:07.181+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Finding accounts associated to the users for applications - AND a.endpointkey in(-1,4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102)"
"2024-08-26T14:53:07.182+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","User Accounts List Size - 0"
"2024-08-26T14:53:07.182+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","finding entitlement for accounts"
"2024-08-26T14:53:07.182+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done calculating entitlements 0"
"2024-08-26T14:53:07.195+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving accounts total 0"
"2024-08-26T14:53:07.195+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done saving accounts total 0"
"2024-08-26T14:53:07.195+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving certification_user_account_status total 0"
"2024-08-26T14:53:07.233+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Adding empty Certification to emptyCertificationsToBeDeleted - com.saviynt.ecm.campaign.domain.Certification : 7638"
"2024-08-26T14:53:07.251+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","populating data for Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.251+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","populating data for certification-Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user), certifier-3514"
"2024-08-26T14:53:07.251+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","campaignuserbatchcount = 100"
"2024-08-26T14:53:07.251+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG",""
"2024-08-26T14:53:07.279+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","populating data for manager-3514 and advUserList size=0"
"2024-08-26T14:53:07.279+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","userList size=1"
"2024-08-26T14:53:07.280+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Batch size configured for SA/UM campaign populating certification data 100"
"2024-08-26T14:53:07.282+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","tempAdvAccountList===0"
"2024-08-26T14:53:07.282+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","total account list 0 "
"2024-08-26T14:53:07.282+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Processing account 0 to 1 of 1"
"2024-08-26T14:53:07.283+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Finding accounts associated to the users for applications - AND a.endpointkey in(-1,4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102)"
"2024-08-26T14:53:07.284+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","User Accounts List Size - 0"
"2024-08-26T14:53:07.284+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","finding entitlement for accounts"
"2024-08-26T14:53:07.284+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done calculating entitlements 0"
"2024-08-26T14:53:07.284+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving users for Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.291+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done saving users for Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.291+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving users status for Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.296+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","users status saved for Revue du gestionnaire - ControleTN - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.296+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving accounts/entitlements/roles for Revue du gestionnaire - Controle - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.297+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving accounts total 0"
"2024-08-26T14:53:07.297+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done saving accounts total 0"
"2024-08-26T14:53:07.297+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving certification_user_account_status total 0"
"2024-08-26T14:53:07.297+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","done saving certification_user_account_status total 0"
"2024-08-26T14:53:07.298+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","saving Certification_entitlement_value total null"
"2024-08-26T14:53:07.298+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","Populating roles "
"2024-08-26T14:53:07.298+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","accounts/entitlements/roles saved for Revue du gestionnaire - Controle - 20240826 - ggiusr3514 (test user)"
"2024-08-26T14:53:07.298+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","processed 100 records"
"2024-08-26T14:53:07.326+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","populated data for certification-Revue du gestionnaire - Controle - 20240826 - usr3514 (test user), certifier-3514"
"2024-08-26T14:53:07.326+00:00","ecm-worker","campaigns.CampaignService","quartzScheduler_Worker-2-7hx76","DEBUG","data populated for Revue du gestionnaire - Control - 20240826 - usr3514 (test user)"
08/26/2024 04:35 PM
Instead of selecting applications use advanced query and ep.id=4
08/25/2024 04:04 AM
Hi @theosveg objects to be selected/reviewed should have account and entitlement selected ..