Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Filter on Service account based on usergroup

shubhamj596
Regular Contributor
Regular Contributor

‎09/16/2022 03:49 AM

Hi Everyone,

In our engagement we have 2 types of accounts:

Service account

User accounts

But unfortunately, both are termed as Account type A at the target system.

That means, while importing both are coming as Account type 'A', the only criteria to figureout it either to check the usergroup or if the account is orphan(ie service account)

 

Now, Client wants to use manage service account tile as well. But if we leverage 'Service Account Type' under endpoint and add 'A'. In manage service account type under ARS, it will show all the accounts doesnt matter if that is a service account or a User account.

 

Is there a way we can differentiate the accounts using usergroup or any other property at the account level instead of account type, so that only specific accounts can be shown in the manage service account tile.

For example:

Accountname - sjain2, Account type - A, Usergroup - User

AccountName - POCTST, AccountType - A, Usergroup - Service

 

Now, we only want POCTST account to be shown under manage service account tile, but can't be filtered using accounttype. Can only be done using usergroup.

Regards,

Shubham

0 Kudos
9 REPLIES 9

rushikeshvartak
All-Star
All-Star

‎09/16/2022 04:10 AM

Service account is based on account type field in accounts. Which connector are you using? You can perform data Preprocess before import with above logic. 

Alternatively in service account request form you can create dynamic attribute if user group is user then don't show entitlement in entitlement section so requestor can't proceed for request


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

shubhamj596
Regular Contributor
Regular Contributor

‎09/19/2022 12:03 AM

Thanks for the reply Rushikesh,

Client want to keep the data consistent between SAP, AD and Saviynt.

As a trust source we are using AD connector.

In this case, i dont think Data preprocess will work. But still can you help me with the JSON which can be used in DATA Preprocess to change the accountype while importing users.

Regards,

Shubham

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to shubhamj596

‎09/19/2022 01:48 PM

Use Saviynt 4 Saviynt Connector


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

shubhamj596
Regular Contributor
Regular Contributor

‎09/20/2022 01:57 AM

We have to add a filter at the Account level, not the user level.

Saviynt4saviynt connector might not work, as it will be a different endpoint.

 

If it can work with sav4sav, can you please help me with the logic. I can then implement that.

 

Regards,

Shubham

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to shubhamj596

‎09/20/2022 03:42 AM

Using sav4sav connector you can write your logic in accounts xml


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

shubhamj596
Regular Contributor
Regular Contributor

‎09/26/2022 12:33 AM

Hi Rushikesh,

Do you have a documentation for the same?

 

Regards,

Shubham

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to shubhamj596

‎09/26/2022 03:16 AM - edited ‎09/26/2022 03:17 AM

No this is workaround suggested . 

Anything specific you are looking for? 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

shubhamj596
Regular Contributor
Regular Contributor

‎09/26/2022 05:00 AM

In the above reply, as you have mentioned that we can write our logic with account xml. I have no idea how this is done. Do we have a documentation on how to write a logic with account xml?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to shubhamj596

‎09/26/2022 07:25 AM

This seems not supported using DB Connector 

https://forums.saviynt.com/t5/identity-governance/update-account-owner-with-saviynt-for-saviynt-impo...

You can try Saviynt REST Connector 

https://documenter.getpostman.com/view/1797923/RWaLwo21?version=latest#e7d68a8f-2eb5-41d1-b577-8ef7b... 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC