Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to disable Active Directory account when user goes on Long leave

Jaya
Regular Contributor II
Regular Contributor II

‎04/03/2023 07:09 AM

Hi All,

We are trying to implement a use case to create a service request for service desk for disabling Active directory account when user goes on long leave(ex- Maternity leave) for a particular time period.

So to implement this we added two custom attributes LONG LEAVE STARTDATE, LONG LEAVE END DATE(CP45 & CP46) in User update request form & these attributes will be filled by HR.

Jaya_0-1680529837411.png

But the problem we are facing is - we aren't able to create a trigger for technical/user update rule to generate tasks when the leave actually starts means customproperty45=sysdate()

Jaya_1-1680530146165.png

We tried 2-3 ways to implement this -

1. Detective rules - Rule is working fine but this job is generating some remove access tasks for some unknown reasons & this Job is now DEPRECATED so we can't use this method.

2.Using PreprocessorQueries in ModifyUserDataJson - This method also didn't work because when the import job runs it makes the CP45 blank as it was updated by UI not coming through Import.

3. Custom Query Job

Jaya_2-1680530640635.png

Please suggest some more methods, how we can implement this Long Leave Use Case & let me know for any clarifications.

Thanks,

Jaya Karothia

 

Thanks
Jaya Karothia
0 Kudos
8 REPLIES 8

dgandhi
All-Star
All-Star

‎04/05/2023 01:10 PM

Hi

Can you trigger user update rule when the respective custom property is updated?

1. HR send that information to Saviynt.

2. In Saviynt we update CP45 to LONG LEAVE STARTDATE

3. Write user update rule with 2 conditions that CP45 is updated and CP45 = LONG LEAVE STARTDATE -- > Perform respective action.

4. Once the user is back from leave then clear CP45 value.

Thanks

Devang

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.
0 Kudos

Jaya
Regular Contributor II
Regular Contributor II

‎04/05/2023 11:30 PM

Hi Devang,

Thanks for your response.

Step 1 & 2 are already implemented but the problem starts with 3rd step only - suppose long leave starts after 15 days, the user update rule will run on the day when it is updated, but it need some event to compare the date on start date(on 15th day) because these rule doesn't run automatically they need some update in user attribute.

Thanks,

Jaya Karothia

Thanks
Jaya Karothia
0 Kudos

sk
All-Star
All-Star
In response to Jaya

‎04/06/2023 07:13 AM

@Jaya : If I am not wrong CP45 is not a date field but in condition you are doing date comparison, I believe that is what causing the issue. So try to convert CP45 to date format and compare with current date or convert current date to string format and compare with CP45


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

dgandhi
All-Star
All-Star

‎04/06/2023 05:26 AM

Hi Jaya,

We applied below logic in our implementation.

1. HR send that information to Saviynt.

2. In Saviynt we update CP45 to the date when leave will start (for example, 20th April 2023)

3. Write one SAV to SAV which compares the date present in CP45 to current date. This SAV to SAV job will run everyday.

On 20th April when this job run, the condition will meet and it will update the CP45 to LONG_LEAVE_ STARTDATE_20_April_2023

4. Write user update rule with 2 conditions that CP45 is updated and CP45 like '% LONG LEAVE STARTDATE%' -- > Perform respective action.

5. Once the user is back from leave then clear CP45 value.

Note: This was done for Saviynt version 5.5

Thanks

Devang

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

Jaya
Regular Contributor II
Regular Contributor II

‎04/06/2023 09:16 AM

Hi Devang,

This solution looks good.

It would be great if you can provide details/snaps of your SAV to SAV & update rule please.

Thanks,

Jaya Karothia 

Thanks
Jaya Karothia
0 Kudos

dgandhi
All-Star
All-Star

‎04/10/2023 07:09 PM

Hi Jaya,

Can you check below sample of SAV to SAV

<dataMapping>
<before-import>

</before-import>
<sql-query description="This is the Source DB Query" uniquecolumnsascommaseparated="username">
<![CDATA[select username as username,customproperty36 as LOA_START_DATE,customproperty37 as LOA_END_DATE,
(CASE WHEN (customproperty36<=curdate() AND (customproperty37>curdate() OR customproperty37 IS NULL) AND customproperty36 NOT LIKE 'LOA_START%') THEN concat('LOA_START_',customproperty36) WHEN (customproperty36!=curdate() and customproperty36 NOT LIKE 'LOA_START%') THEN customproperty36 ELSE customproperty36 END) as loa,
(CASE WHEN (customproperty37<=curdate() AND customproperty37 NOT LIKE 'LOA_END%') THEN concat('LOA_END_',customproperty37) WHEN (customproperty37!=curdate() and customproperty37 NOT LIKE 'LOA_END%') THEN customproperty37 ELSE customproperty37 END) as rloa,
(CASE WHEN (customproperty36 LIKE 'LOA_START_%' AND (date(substring(customproperty36,11,11)) > date(customproperty37) OR date(substring(customproperty36,11,11)) > date(substring(customproperty37,9,11)) OR customproperty37 IS NULL OR date(customproperty37)>curdate())) THEN 0 ELSE statuskey END) as loa_status
from users
where customproperty36 is not null or customproperty37 is not null;]]>
</sql-query>
<importsettings>
<zeroDayProvisioning>FALSE</zeroDayProvisioning>
<userNotInFileAction>NOACTION</userNotInFileAction>
<checkRules>TRUE</checkRules>
<buildUserMap>FALSE</buildUserMap>
<generateSystemUsername>FALSE</generateSystemUsername>
<generateEmail>FALSE</generateEmail>
</importsettings>
<mapper description="This is the mapping field for SAviynt Field name" defaultrole="ROLE_ENDUSER" >
<mapfield saviyntproperty="username" sourceproperty="username" type="character"></mapfield>
<mapfield saviyntproperty="customproperty36" sourceproperty="loa" type="character"></mapfield>
<mapfield saviyntproperty="customproperty37" sourceproperty="rloa" type="character"></mapfield>
<mapfield saviyntproperty="statuskey" sourceproperty="loa_status" type="character"></mapfield>
</mapper>
<after-import description="EMAIL,BATCH,SQL">
</after-import>
</dataMapping>

Thanks

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.
0 Kudos

Jaya
Regular Contributor II
Regular Contributor II
In response to dgandhi

‎04/12/2023 05:02 AM

Hi Devang,

Is this code to be updated in UpdateUserJson in SAV to SAV connection?

Thanks,

Jaya Karothia

Thanks
Jaya Karothia
0 Kudos

Jaya
Regular Contributor II
Regular Contributor II
In response to dgandhi

‎04/26/2023 04:31 AM

Hi Devang,

Have you pasted this query in AccountsImport?

Thanks,

Jaya

Thanks
Jaya Karothia
0 Kudos
Copyright © 2024 Khoros, LLC