Click HERE to see how Saviynt Intelligence is transforming the industry. |
03/19/2024 02:23 AM
Hi Team,
We would like to provision multiple group owners to AD while creating or updating the group from Saviynt.
We were able to find the below code snippet from docs but looks like it didn't work properly.
"otherManagedBy":"${ownerAccountListMap.get(allOwnerList?.get(1)?.userkey.username).get(0)?.accountID}"
When reconciled, the group came without any users. We have tested the recon for other groups and it works fine for multiple owners.
Request you to please let us know if we are missing something in the code snippet, or provide a working code snippet to provision multiple group owners in AD.
Thanks
03/20/2024 03:16 AM
Please refer the below post and use ownerAccountListMap
Sample:
"managedBy": "${allOwnerList?.size()>0 && ownerAccountListMap.size()>0 && ownerAccountListMap.get(allOwnerList?.get(0)?.userkey.username)!=null && ownerAccountListMap.get(allOwnerList?.get(0)?.userkey.username).size()>0?ownerAccountListMap.get(allOwnerList?.get(0)?.userkey.username).get(0)?.accountID:null}"
03/20/2024 07:37 AM
Hi @adarshk ,
Thanks for the response.
We actually have been using the same kind of code snippet for managedBy attribute, and this works for a single owner. Now, we want to provision multiple owners in a single group request. Is there a way we can loop this code snippet to achieve it?
Thanks
03/21/2024 12:25 AM
can you retest with the above shared sample and let us know the results.
03/21/2024 12:31 AM
Yes, I did retest. Only the first owner was updated in AD as owner out of the 3 owners in Saviynt.
03/21/2024 10:06 PM
Only owner with Rank1 will be provisioned as managedby at AD is single valued attribute.
03/22/2024 01:42 AM
Yes correct. This is the reason we are using an extended attribute otherManagedBy instead of managedBy to store multiple owners which is a multivalued attribute. Please advise.
Thanks
03/24/2024 08:08 PM
"otherManagedBy":"${ownerAccountListMap.get(allOwnerList?.get(1)?.userkey.username).get(1)?.accountID}"
03/27/2024 09:50 AM
Hi @rushikeshvartak ,
The above code snippet will provision the second owner in the list, correct? What if there are more than two that we need to provision, and the number of owners to be determined at runtime.
I tried working on a looping code but the createupdatemappings does not support it.
Thanks
03/27/2024 12:26 PM
ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username)?.collect { it?.accountID.join(', ') }
04/10/2024 08:11 AM - last edited on 04/10/2024 11:53 PM by Sunil
Nothing gets provisioned with this snippet.
[This message has been edited by moderator to mask sensitive info]
04/10/2024 07:38 PM
"otherManagedBy": "${allOwnerList?.size() > 1 && ownerAccountListMap.size() > 0 && ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username) != null && ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username).size() > 0 ? ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username).get(0)?.accountID : null}"
04/12/2024 01:55 AM
No @rushikeshvartak , I need to provision n number of owners to my group.
The above mentioned code snippet will provision only one of them, which has been tested earlier as well.
04/12/2024 08:10 PM
Does above snippet works ?
04/22/2024 08:21 AM
"otherManagedBy": "${allOwnerList?.size() > 1 && ownerAccountListMap.size() > 0 && ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username) != null && ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username).size() > 0 ? ownerAccountListMap.get(allOwnerList?.get(1)?.userkey?.username).get(0)?.accountID : null}"
Yes, this one does.
Thanks
04/22/2024 08:22 AM
But as mentioned earlier, need to provision n number of owners to my group.
04/22/2024 04:31 PM
How many owners are exists accordingly you need to join and change index
04/23/2024 01:38 AM
You mean something like this:
"otherManagedBy": "${allOwnerList?.size() > 9 && ownerAccountListMap.size() > 0 && ownerAccountListMap.get(allOwnerList?.get(9)?.userkey?.username) != null && ownerAccountListMap.get(allOwnerList?.get(9)?.userkey?.username).size() > 0 ? ownerAccountListMap.get(allOwnerList?.get(9)?.userkey?.username).get(0)?.accountID : null}"
But this snippet will only provision the 10th owner on the list, not the previous nine.
Thanks
04/23/2024 08:41 PM
Yes