This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Entitlements With New Account on multiple SamAccounts

PascalMontreuil
New Contributor III
New Contributor III

‎01/18/2023 03:33 PM - last edited on ‎01/19/2023 08:44 AM by Community Manager

Hello Guys,

Right now we have a connected application that once we request an entitlement we are also given the user an Azure group via the Entitlements With New Account

The issue that we are facing is that some of our user have multiple SamAccount example User (Main Account) - User1 (secondary) - User2 (third) so when we provision the entitlement, it give the Azure group to the User2 and not the main account.  Worst case, we would like to give the Azure group to all the SamAccounts but the goal is only to the main User account.

Is there a way to do this.

Pascal Montreuil
Labels:
0 Kudos
9 REPLIES 9

rushikeshvartak
All-Star
All-Star

‎01/18/2023 06:44 PM

Use applications role concept or entitlement map concept


Regards,
Rushikesh Vartak
0 Kudos

PascalMontreuil
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/19/2023 04:22 AM

Do you have the link of that documentation ?

Pascal Montreuil
0 Kudos

PascalMontreuil
New Contributor III
New Contributor III

‎01/19/2023 04:27 AM - last edited on ‎01/19/2023 08:42 AM by Community Manager

Thank you for the quick respond, but we don't want to exclude entitlements, we want to give the Azure group on the Entitlements With New Account in the endpoint to the main SamAccount of the user, not is latest one created

Pascal Montreuil
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to PascalMontreuil

‎01/19/2023 04:30 AM

You can add same under entitlement map . For testing add one of the entitlement under emap and request for parent entitlement and you find both parent & entitlement from emap will be added 

You can find different filters available under emap


Regards,
Rushikesh Vartak
0 Kudos

PascalMontreuil
New Contributor III
New Contributor III

‎01/24/2023 06:32 AM

Hello @rushikeshvartak, ok we don't see how the entitlement map will work for us, so let go to option B.  Here is a use case : Security System and Endpoint "Application test" provision an Azure Group with the Entitlements With New Account  option.  So if a user has 3 AD accounts, we would like to provision the Azure Group to the 3 AD account and not only to the latest one, because right now it's provisioning on the latest created AD account of the user and our option A was to provision on the main AD account.

Pascal Montreuil
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to PascalMontreuil

‎01/24/2023 12:55 PM

Saviynt will assign to random one or latest on in case of Entitlements With New Account 


Regards,
Rushikesh Vartak
0 Kudos

PascalMontreuil
New Contributor III
New Contributor III
In response to rushikeshvartak

‎01/25/2023 04:27 AM

Thank you, so there is no way to give the entitlements to all is AD accounts

Pascal Montreuil
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to PascalMontreuil

‎01/25/2023 04:28 AM

There are alternatives like request rule / analytics you can use those 


Regards,
Rushikesh Vartak
0 Kudos
Copyright © 2023 Khoros, LLC