Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Endpoints_Filter on Customproperty

rushikeshvartak
All-Star
All-Star

Referring below Knowledge Articale

https://forums.saviynt.com/t5/community-knowledge-base/endpoint-filter-for-active-directory-connecti...

Can we use any other customproperty of entitlement while adding filter in Endpoints Filter for Azure AD or On Prem AD

 

For example :

{
"Sampletest AD Application": [
{
"memberOf": [
"customproperty1="AWS""
]
}
]
}


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
10 REPLIES 10

SB
Saviynt Employee
Saviynt Employee

Hi @rushikeshvartak Let me verify if this can be achieved; will update you.


Regards,
Sahil

@SB  any update , I believed since you created KB its working , can you share working JSON


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SB
Saviynt Employee
Saviynt Employee

Customproperty attribute cannot be used in filter. This has to be the AADGroup or memberOf value

{
"APPLICATION_QA": [
{
"AADGROUP": [
"group%"
]
}
]
}
{
"Sampletest2 ADSI Application": [
{
"memberOf": [
"CN=ADgroup%,OU=Groups,OU=India,DC=contoso,DC=com"
]
}
]
}

 


Regards,
Sahil

So whatever mentioned in KB is wrong ?

rushikeshvartak_0-1683060716695.png


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

There is enhancement https://ideas.saviynt.com/ideas/EIC-I-2364 , Please confirm if this is considered for all connectors or not 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

I believe this is still being planned. You can update the ask/confirm on the idea itself.


Regards,
Sahil

Looking at the KB screenshot, can you check something like this? Check if you get result in the LDAP browser , if yes then same should work from Saviynt also. I hope this is what @SB meant from the KB article.

{
"Sampletest2 ADSI Application": [
{
"department": [
"(&(objectCategory=person)(objectClass=user)(department=PM))"
]
}
]
}

Thanks

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

https://ideas.saviynt.com/ideas/EIC-I-4577 Idea has been requested for feature


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

SB
Saviynt Employee
Saviynt Employee

The KB mentions to use the same filter that you can use in LDAP browser for AD. CustomerProperty is a Saviynt attribute and will not work in LDAP browser either.


Regards,
Sahil

SB
Saviynt Employee
Saviynt Employee

Also This parameter currently supports only creating the logical endpoint based on the memberof filter


Regards,
Sahil