Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Configure provisioning & de-provisioning JSONs for Unix OOTB Connector.

Go to solution
amanmalakar007
New Contributor III
New Contributor III

‎09/04/2024 11:23 AM

Hey Saviynt family!

Our Requirement:

We need to run a few Perl scripts on a Unix endpoint. We are currrently using an OOTB Unix Connector for the purpose. The connection is sucessfully established and verified. Our requirement involves using the "DEPROVISION_ACCOUNT_COMMAND" and "REMOVE_ACCESS_COMMAND" JSONs to perform some actions on the endpoint by executing these Perl scripts.

Our current configuration:

We have a Unix connection set up in our instance, with the following JSONs configured as shown below :

amanmalakar007_1-1725472146570.png

Our progress so far:

We are confident we have the correct "PROVISION_ACCOUNT_JSON" set up since the "New Account" task is successfully completed with the following provisioning comment:

amanmalakar007_3-1725472589953.png

We have also set up the "DEPROVISION_ACCOUNT_COMMAND" and "REMOVE_ACCESS_COMMAND" JSONs in the connector to the best of our knowledge (see 1st screenshot above).

The Problem: 

When we try to deprovision or remove access for a user associated with this Unix endpoint, we get a response saying :

amanmalakar007_4-1725472940038.png

Our request:

We need the community to help us configure the valid "DEPROVISION_ACCOUNT_COMMAND" and "REMOVE_ACCESS_COMMAND" JSONs for our requirement (explained above). We are very sure our deprovisioning scripts work absolutely fine. We are seeking your help to verify and configure our JSONs to achieve the aforementioned purpose. Any insights on this would be truly appreciated.

Thank you!

Labels:
0 Kudos
2 REPLIES 2

Go to solution
rushikeshvartak
All-Star
All-Star

‎09/04/2024 11:30 AM

use ${accountName} instead of ${user.username} 

if does not work share logs


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
stalluri
Valued Contributor II
Valued Contributor II

‎09/04/2024 12:12 PM

@amanmalakar007 

ADD_ACCESS_COMMAND

Specify the command to provide access to the entitlement existing in the target application. In the target application, these would be the Groups or entitlements.

REMOVE_ACCESS_COMMAND

Specify the command to remove the access for a user to the entitlement in the target application. This command enables deprovisioning access to the entitlement for which access has been removed for the user (from EIC).


For ADD and Remove access just pass the command directly.

sudo /pathToScript/addAccessScript.pl $(user.username) 1> /dev/null


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.
Copyright © 2024 Khoros, LLC