Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Found duplicate entitlements after running AD recon Job

harishyara
Regular Contributor
Regular Contributor

‎01/08/2024 11:54 PM - edited ‎01/08/2024 11:56 PM

Hello All,

After running AD recon JOB successfully it was found that there were some duplicate entitlements found in Saviynt. Logs doesn't have complete information to investigate the issue.

Is there any config that we need to add in AD connection to view complete logs during AD recon job execution ?

objectGUID_Binary is the RECONCILATION_FIELD mapped in groupImportMapping

Note - Actual entitlement has all attribute values reconciled successfully as expected but duplicate entitlement doesn't have all the attribute values (like cp's mapping during import) it has only Entitlement Value . Also Accounts are getting mapped to the duplicate entitlement but not to the actual entitlement.

0 Kudos
9 REPLIES 9

Dhruv_S
Saviynt Employee
Saviynt Employee

‎01/09/2024 03:22 AM

Hi @harishyara 

Could you please share the groupImportMapping.

Is the entitlement_id mapped in JSON?

Regards,

Dhruv Sharma

0 Kudos

harishyara
Regular Contributor
Regular Contributor
In response to Dhruv_S

‎01/09/2024 05:00 AM

Hi @Dhruv_S - yes it is mapped to distinguishedName.

Below is the groupImportMapping

harishyara_0-1704805194702.png

Regards,

Harish

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to harishyara

‎01/09/2024 05:24 AM

It was working before ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

harishyara
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎01/09/2024 06:06 AM

Hi @rushikeshvartak - It happened after I changed the groupSearchBaseDN

FROM

OU=abc,DC=test,DC=domain,DC=com

TO

DC=test,DC=domain,DC=com

Since required groups are present under OU=Test-Groups,DC=test,DC=domain,DC=com so I have given root domain to get all the groups. 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to harishyara

‎01/09/2024 09:00 PM

what is entitlementid for one of the duplicate ent


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

harishyara
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎01/10/2024 04:59 AM

@rushikeshvartak - duplicate entitlementid is showing as null.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to harishyara

‎01/10/2024 08:08 PM

It seems it pulled from account import and not from Access import. inactivate them and rerun recon and try


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

harishyara
Regular Contributor
Regular Contributor

‎01/11/2024 04:30 AM - edited ‎01/11/2024 10:08 AM

@rushikeshvartak - Okay thanks for the update but, if there is already an entitlement exist with same entitlement value why Saviynt is creating new entitlement with same entitlement value instead of updating the existing entitlement ?

Also, please note that the accounts are getting mapped to the duplicate entitlement but not to the actual entitlement?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to harishyara

‎01/11/2024 07:45 PM

  • Rename the entitlement without entitlementid.
  • Using account import entitlement metadata (entielement id ) is not imported.

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC