and more in a single search tool across platforms. Read the announcement here. |
04/12/2022 01:22 PM
Hi Team,
We are using Saviynt V5.5 SP 3.11
There is an application ABC having entitlements E1 & E2. Users accounts are created with Entitlement E1.
Now, we want to modify the entitlement E1 to E2 for some users. So we use ARS- > search user-> select ABC application -> Modify ->Checkout- > In the next page , we are not getting the E1 entitlement to remove. It exists under user accounts but not visible in ARS to remove.
Can anyone please guide how to resolve this ?
Thanks,
Sitarasmi
04/12/2022 03:11 PM
Sitarasmi,
Have you set any filters under the Global Configurations for entitlement request or the Access query under endpoints itself which is restricting certain entitlements from showing up in ARS ?
Also note that if the entitlement status in Saviynt itself is InActive, they do not show up in ARS, perhaps you can check that as well.
Regards,
Avinash Chhetri
04/12/2022 03:11 PM
Hi Avinash,
T `here is no settings under Global configuration.
All entitlements are active .
Thanks,
Sitarasmi
04/12/2022 03:11 PM
Please check the logs and see if it helps.
Regards,
Avinash Chhetri
05/03/2022 08:21 AM - edited 05/03/2022 08:22 AM
Possible Reasons
1. Open Tasks :
Tasks are open for existing request, Please check if any other tasks for same user & account & application not open under Pending Tasks
2. Entitlement Filter
Entitlement filter under Endpoint - Entitlement Type - View Details (icon) -
3. Global Configuration
Check Below configuration
4. Entitlement Metadata.
Entitlement must be active
05/03/2022 09:29 PM
How was the E1 entitlement assigned for the account, was is via ARS or birthright provisioning?
If it was through birthright provisioning, then those entitlements may not be visible during ARS operations due to the following configuration in the Entitlement Type: "Exclude Entitlements Assigned via Rule while Request". This is by default ON. You may turn it off based on the requirement.
05/05/2022 12:27 AM
Hi Sitarasmi
Could you also please check your Entitlement Type it should not be set to None, you can set it as "Table" and can try.
Navigate to Admin-> Identity Repository-> Security System->Endpoint (Select the Security System and Endpoint you are looking for)->Entitlement Type-> Request Option