Click HERE to see how Saviynt Intelligence is transforming the industry. |
10/02/2024 09:04 PM
Hello,
We have an Oracle DB endpoint that only has accounts data, no entitlements data and we import them with this xml
<dataMapping>
<before-import>
</before-import>
<sql-query description="This is the Source DB Query" uniquecolumnsascommaseparated="name">
<![CDATA[select NETWORK_USERNAME AS staffuserid,'ABC' AS securitysystem, 'ABC' AS endpoint, NULL AS enttype, NULL AS entvalue, 'Active' AS status from ORA_DB;]]>
</sql-query>
<mapper description="This is the mapping field for Saviynt Field name" accountnotinfileaction="suspend" deleteaccountentitlement="false" addOnlyMode="FALSE" ifusernotexists="noaction" incrementalcolumn="updatedate">
<mapfield saviyntproperty="accounts.name" sourceproperty="staffuserid" type="character"/>
<mapfield saviyntproperty="accounts.accountid" sourceproperty="staffuserid" type="character"/>
<mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="enttype" type="character"/>
<mapfield saviyntproperty="entitlementvalues.entitlementvalue" sourceproperty="entvalue" type="character"/>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"/>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"/>
<mapfield saviyntproperty="accounts.status" sourceproperty="status" type="character" />
</mapper>
<after-import description="EMAIL,BATCH,SQL">
</after-import>
</dataMapping>
The import process was succeeded but we got a huge amount of error log complaining the entitlement values were null
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","ERROR","Entitlement Value not found"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","DEBUG","updating accountUPDATE ACCOUNTS SET jobid=1585375,SYSTEMID=13,ENDPOINTKEY=12,NAME='XYZ',UPDATEDATE='2024-10-03 02:40:09',accountid='XYZ' ,customproperty1=null,customproperty2='PEDAGOGIES FOR LIFE TASKFORCE' ,status='Active' where accountkey=1234"
"xxxx","ecm-worker","saviynt.AccountsImportService","quartzScheduler_Worker-9-qlqjq","DEBUG","NOT FOUND ENTITLEMENT =null FOR SECURITYSYSTEM =ABC AND ENDPOINT=ABC"
Is there any way to mitigate this beside create a placeholder entitlement?
10/02/2024 09:22 PM - edited 10/02/2024 09:23 PM
@fuko , don't use these (below) in your query and don't map it also in mapper section. Just have account attributes and map it with Saviynt attributes.
NULL AS enttype, NULL AS entvalue
10/02/2024 09:35 PM
@fuko saviynt tries to find the entitlementtype and the entitlement just don't act the same in query and mapper.
10/02/2024 09:54 PM
10/02/2024 09:59 PM
Hi @NM @Amit_Malik, I've tried that. Saviynt will treat entitlement-type and entitlement-value as NULL if not specified
10/02/2024 10:24 PM
@fuko is it creating a entitlement type and entitlement with NULL name if not then it is fine .. don't add it in XML
10/02/2024 10:41 PM
<dataMapping>
<before-import>
</before-import>
<sql-query description="This is the Source DB Query" uniquecolumnsascommaseparated="name">
<![CDATA[select NETWORK_USERNAME AS staffuserid,'ABC' AS securitysystem, 'ABC' AS endpoint, '' AS enttype, '' AS entvalue, 'Active' AS status from ORA_DB;]]>
</sql-query>
<mapper description="This is the mapping field for Saviynt Field name" accountnotinfileaction="suspend" deleteaccountentitlement="false" addOnlyMode="FALSE" ifusernotexists="noaction" incrementalcolumn="updatedate">
<mapfield saviyntproperty="accounts.name" sourceproperty="staffuserid" type="character"/>
<mapfield saviyntproperty="accounts.accountid" sourceproperty="staffuserid" type="character"/>
<mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="enttype" type="character"/>
<mapfield saviyntproperty="entitlementvalues.entitlementvalue" sourceproperty="entvalue" type="character"/>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"/>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"/>
<mapfield saviyntproperty="accounts.status" sourceproperty="status" type="character" />
</mapper>
<after-import description="EMAIL,BATCH,SQL">
</after-import>
</dataMapping>
10/02/2024 11:16 PM
Hi @rushikeshvartak,
I got the same result as when I set as NULL or not select them. This problem is logging thousands of error messages every import so it pretty hard to ignore them.
The only solution I could think of is using a dummy entitlement.
10/02/2024 11:23 PM
I wish showlogs false is there in DB connector 😁