and more in a single search tool across platforms. Read the announcement here. |
09/16/2022 03:49 AM
Hi Everyone,
In our engagement we have 2 types of accounts:
Service account
User accounts
But unfortunately, both are termed as Account type A at the target system.
That means, while importing both are coming as Account type 'A', the only criteria to figureout it either to check the usergroup or if the account is orphan(ie service account)
Now, Client wants to use manage service account tile as well. But if we leverage 'Service Account Type' under endpoint and add 'A'. In manage service account type under ARS, it will show all the accounts doesnt matter if that is a service account or a User account.
Is there a way we can differentiate the accounts using usergroup or any other property at the account level instead of account type, so that only specific accounts can be shown in the manage service account tile.
For example:
Accountname - sjain2, Account type - A, Usergroup - User
AccountName - POCTST, AccountType - A, Usergroup - Service
Now, we only want POCTST account to be shown under manage service account tile, but can't be filtered using accounttype. Can only be done using usergroup.
Regards,
Shubham
09/16/2022 04:10 AM
Service account is based on account type field in accounts. Which connector are you using? You can perform data Preprocess before import with above logic.
Alternatively in service account request form you can create dynamic attribute if user group is user then don't show entitlement in entitlement section so requestor can't proceed for request
09/19/2022 12:03 AM
Thanks for the reply Rushikesh,
Client want to keep the data consistent between SAP, AD and Saviynt.
As a trust source we are using AD connector.
In this case, i dont think Data preprocess will work. But still can you help me with the JSON which can be used in DATA Preprocess to change the accountype while importing users.
Regards,
Shubham
09/19/2022 01:48 PM
Use Saviynt 4 Saviynt Connector
09/20/2022 01:57 AM
We have to add a filter at the Account level, not the user level.
Saviynt4saviynt connector might not work, as it will be a different endpoint.
If it can work with sav4sav, can you please help me with the logic. I can then implement that.
Regards,
Shubham
09/20/2022 03:42 AM
Using sav4sav connector you can write your logic in accounts xml
09/26/2022 12:33 AM
Hi Rushikesh,
Do you have a documentation for the same?
Regards,
Shubham
09/26/2022 03:16 AM - edited 09/26/2022 03:17 AM
No this is workaround suggested .
Anything specific you are looking for?
09/26/2022 05:00 AM
In the above reply, as you have mentioned that we can write our logic with account xml. I have no idea how this is done. Do we have a documentation on how to write a logic with account xml?
09/26/2022 07:25 AM
This seems not supported using DB Connector
You can try Saviynt REST Connector