Saviynt Forums

kavitakamtekar4 · ‎10/28/2024

Hi All,

We have configured disconnected applications in Saviynt.
When users are manually removing the disconnected account in Saviynt through ARS, the account status get's change to "Manually Suspended". Now if the same user is trying to raise ARS request for same application then Saviynt is Showing Modify option but this is not activating user existing account.

Apart from Enhanced Query, Is there any way to activate existing account status from "Manually Suspended to Active" for disconnected app as there is no recon associated with it.
If not, then what is the ideal way to fulfill Delete/revoke account and New account use case for disconnected application.

rushikeshvartak · ‎10/28/2024

Enable Persistent Data under security system.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kavitakamtekar4 · ‎10/29/2024

Hi @rushikeshvartak, I enabled Persistent Data Flag at Security system level for disconnected app. After removing account, the account status is manually deleted, but I am not able to raise new account request and still seeing modify request for the same disconnected app.

Is there any specific flag to raise a request for new account?

NM · ‎10/29/2024

@kavitakamtekar4 did you try below mentioned approach??

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

kavitakamtekar4 · ‎10/29/2024

Hi @NM, the recon was set as "No" since beginning.

NM · ‎10/29/2024

@kavitakamtekar4 is it not changing account name?

Other younhave to update the status to suspended to import service using enhanced query.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

kavitakamtekar4 · ‎10/29/2024

Hi @NM , the account name changes to "Manually deleted" after the account is removed through ARS.

But now we want to raise another request of new account with same account name and it should give another entry in user's account.

Issue: We are not able to raise another account request through ARS for the same user.

NM · ‎10/29/2024

@kavitakamtekar4 you can use enhanced query to change the status of account to suspended from import service.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

rushikeshvartak · ‎10/29/2024

Did you imported accounts ?
Once you imported status will change.
It must be schema import/ account import

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kavitakamtekar4 · ‎10/29/2024

Hi @rushikeshvartak ,

How it is related to import accounts? since we are manually deleting the account. After we raise a request through ARS to remove account, The status of account is "manually deleted". So we want to raise another new request for account with same name and the new entry should be available in user's accounts.

Also, We are not importing any accounts for Disconnected apps we are only creating accounts in Saviynt.

rushikeshvartak · ‎10/29/2024

Even though application is disconnected what is recon process ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kavitakamtekar4 · ‎10/29/2024

Through CSV import.

rushikeshvartak · ‎10/29/2024

During import enable action for account

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

kavitakamtekar4 · ‎10/30/2024

Hi @rushikeshvartak, we tried above step by enabling the action for account while importing the account through CSV and now the account status is "Manually deleted". But while requesting for new account for the same user it is still giving the "modify current account" option through ARS.

NM · ‎10/30/2024

@kavitakamtekar4 use enhanced query to change the status of accounts to suspended from import service.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

rushikeshvartak · ‎10/30/2024

Did you selected which account status to be selected under endpoint - account name rules

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM · ‎10/28/2024

@kavitakamtekar4 , for disconnected application keep recon as no so it will automatically change the account name to deleted.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

kavitakamtekar4 · ‎10/30/2024

Hi @NM, we tried enhanced query to change the status as "Suspended to account Service" and its working for suspended account.

Is there any another way to set account status as "Suspended to account Service" using endpoint level flag?

Thanks.

NM · ‎10/30/2024

@kavitakamtekar4 for disconnected no.

If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

rushikeshvartak · ‎10/30/2024

@kavitakamtekar4 I have validated this test case and it works well with Persistent Data Enabled

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Kaustubh · ‎10/29/2024

@kavitakamtekar4

As @NM suggested

Recon Application should be No

After you submit the delete request, check if approval is pending/ task is in pending state. After request approval, task should be generated.

After the task is completed/ fulfilled, you should be able to request the account again

Kaustubh Pawar
Saviynt Certified IGA Professional

kavitakamtekar4 · ‎10/30/2024

Hi @Kaustubh, The recon flag was set to "no". Thanks for sharing this info.

Saviynt Forums

How to Change Account Status for Disconnected Application