Saviynt Forums

alc · ‎02/10/2023

Hello Saviynt Expert,

When I use Schema based Account Import job to import CSV entries and set the parameter:

ACCOUNT_NOT_IN_FILE_ACTION=SUSPEND

The account not on file was marked as suspended but not actually removed from the system. However, when I import it back again, Saviynt create a new account and still keep the suspended account as well.

My expectation is to "restore" the old account from active to inactive.

Now that I have two records, how can I physically delete the suspended record? I don't want it stay in system.

See attached records screenshot.

sk · ‎02/10/2023

that is the expected behaviour. ACCOUNT_NOT_IN_FILE_ACTION only supports two values 1. Suspend or 2. No Action. If you select no action then it will not take any action on the account in Saviynt which doesn't exist in file.

You can cannot just make it inactive and then active the same account

Also saviynt doesn't support deleting any account entirely from system for auditing purposes.

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

alc · ‎02/10/2023

Hello sk,

Thank you very much for your help!

I understand it is correct behavior from Saviynt perspective. if I set it as "NOACTION", the issue is it will keep that account active in Saviynt but in reality, the target system have already removed the account. So two systems are not consistent anymore. The import CSV file is generated based on current target system existing account data.

What should I do for this situation? Ideally, I want Saviynt to remove the account that does not exist in target anymore.

or at least in DEV env, it let me test all situations and clean up the system accordingly for next round of testing. Any good idea please?

rushikeshvartak · ‎02/10/2023

As for GDPR and audit concern you can’t delete account object and other objects from EIC. You need to keep in SFIS status

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc · ‎02/11/2023

Hello Rushikesh,

Thanks for your remind. that is correct from GDPR perspective. It would be great if we have some flexibility in DEV env. you know there is no actual data in DEV env.

By the way, when I import account and account/entitlement assignment entries with SchemaAccountImport job, although I have USERNAME/ACCOUNTNAME for each entry. and the account and user association is maintained correctly. But the account was set Orphan to true by Saviynt. Why it is orphan even it is assigned to the user correctly?

How can I control the account is orphan or not?

Thanks!

rushikeshvartak · ‎02/11/2023

orphan flag is known issue

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

alc · ‎02/12/2023

Hello Rushikesh,

Thanks let me know this is bug. any expected fix date on which version?

In addition, Could you please have a temp solution for this issue? Can I build custom user update rules or SQL Statements to fix it?

rushikeshvartak · ‎02/13/2023

You can try update account task (it may work), Custom query is last option

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Saviynt Forums

How to remove the suspended account by Import service?