This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to escape null value for saviynt not managed AD attributes for secondary accounts

Harsha
Regular Contributor
Regular Contributor

‎09/06/2023 11:50 PM

Hi Team,

Currently in the Active Directory we manage only Primary accounts and for secondary accounts we add only couple of attributes,for the rest we dont have permission. So its throwing insuffient rights error. Initially we tried skip else part  it didnt work then we used empty or null string as we dont have permission that didnt work as well.And now we tried below logic as per forum suggestion didnt work.Please help us solve how we can escape or bypass these attributes which we dont manage for secondary accounts.
Below is snippet :
"givenName":"${if(task.accountKey.accounttype.equals('Primary')){user.firstname}else {if(task.accountKey.accounttype.equals('Secondary'))(SAVIYNTNOTCHANGED)}}"

 

PS: I am referring to updateaacountjson

Thanks,
Harsha

Labels:
0 Kudos
2 REPLIES 2

sahil
Saviynt Employee
Saviynt Employee

‎09/13/2023 07:49 AM

Let me check this and will update.


Regards,
Sahil
0 Kudos

sahil
Saviynt Employee
Saviynt Employee

‎09/22/2023 09:27 AM - edited ‎09/22/2023 09:29 AM

Below is a sample condition that you can use to create yours and test.

${if(requestAccessAttributes.get('ACCOUNTTYPE') == 'Service Account'){'ServiceAccount'} else {'Personal'}}"

or 

(account.accountType == 'Primary'){user.firstname} else {'Personal'}


Regards,
Sahil
0 Kudos
Copyright © 2023 Khoros, LLC