Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Child endpoint not showing up under security system after updating in Endpoint point filter

Soumyaprateek
New Contributor III
New Contributor III

Hi Team,

We update the endpoint filter of AD connector with proper format. The entitlement is created prior. Then when we run the account and access import job (Single threaded) the endpoint is not created under the parent security system.

Are we missing something, appreciate any suggestions in this regard. 

Regards,

Soumya

8 REPLIES 8

savuser17
New Contributor II
New Contributor II

Can you send the sample of the endpoint filter code?

Is it in the following format?

{
"Endpoint name": [
{
"memberOf": [
"Group name1",
"Group name2"
]
}
]
}

Hi,

Yes, it is in that format.

{
"App1": [ { "uniqueMember": [
"CN=xyz,
"CN=abc"] }],

"App2": [ { "uniqueMember": [
"CN=pqr"] }]

}

Entitlement  type name should memberOf

{
"App1": [ { "memberOf": [
"CN=xyz,
"CN=abc"] }],

"App2": [ { "memberOf": [
"CN=pqr"] }]

}


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Raghu
Valued Contributor III
Valued Contributor III

@Soumyaprateek  Need to follow format of endpoint filter json in connector level

Endpoint name  sample :

Application-A

Entitlment type should be pass :

 "memberOf": 

Sample json from document:

CR_0-1712814853671.png

More information you get in document portal : https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Logical-Active-Directory-Applications.htm

 

 

 

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Soumyaprateek
New Contributor III
New Contributor III

Hi @Raghu , @rushikeshvartak 

Please find the below group import mapping json. There we mention unique member attribute. 

Let me know if anything needs to be changed.

groupImportMapping:
{
"importGroupHierarchy": "true",
"entitlementTypeName": "uniqueMember",
"performGroupAccountLinking": "true",
"groupAccountMappingAttributeName": "uniqueMember",
"incrementalTimeField": "modifytimestamp",
"groupObjectClass": "(|(objectclass=groupOfUniqueNames)()())",
"advanceGroupFilter": {
"uniqueMember": {
"ou=abd": [
"(&(objectClass=))"
],
"ou=xvb": [
"(&(objectClass=))"
]
}
},
"entitlementownerattribute": "abc",
"mapping": "memberUidHash:uniqueMember_char,entitlement_value:nameinnamespace_char,entitlementid:dn_char,entitlement_glossary:description_char,description:description_char,updatedate:modifyTimestamp_customDate--yyyyMMddHHmmss,createdate:createtimestamp_customDate--yyyyMMddHHmmss,displayname:displayname_char,customProperty1:abc_char,customProperty2:GroupID_char,customProperty3:entryDN_char,customProperty4:cn_char,customProperty5:uniquemember_char,customProperty6:abc_char,customProperty7:objectClass_char,RECONCILATION_FIELD:entitlement_value",
"activeGroupPossibleValues": [
"active",
"a",
"l",
"TRUE"
]
}

Regards,

Soumya

Please share endpoints Filter configs as mentioned fix Entitlement type = Groups


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Soumyaprateek
New Contributor III
New Contributor III

Hi,

Thanks everyone for the responses. There is some issue with Import jobs (Account, Access) that is causing this. As the job are fixed the child endpoint is now created correctly. So seems the JSON are fine.

Regards,

Soumya

Raghu
Valued Contributor III
Valued Contributor III

Oh Good know. if agree it got resolved please close thread for further.


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.