This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to remove the suspended account by Import service?

alc
Regular Contributor
Regular Contributor

‎02/10/2023 10:28 AM

Hello Saviynt Expert,

When I use Schema based Account Import job to import CSV entries and set the parameter:

ACCOUNT_NOT_IN_FILE_ACTION=SUSPEND

The account not on file was marked as suspended but not actually removed from the system. However, when I import it back again, Saviynt create a new account and still keep the suspended account as well.

My expectation is to "restore" the old account from active to inactive.

Now that I have two records, how can I physically delete the suspended record? I don't want it stay in system.

See attached records screenshot.

Preview file
56 KB
0 Kudos
7 REPLIES 7

sk
All-Star
All-Star

‎02/10/2023 10:36 AM - edited ‎02/10/2023 10:37 AM

that is the expected behaviour. ACCOUNT_NOT_IN_FILE_ACTION only supports two values 1. Suspend or 2. No Action. If you select no action then it will not take any action on the account in Saviynt which doesn't exist in file.

You can cannot just make it inactive and then active the same account

Also saviynt doesn't support deleting any account entirely from system for auditing purposes.


Regards,
Saathvik

alc
Regular Contributor
Regular Contributor
In response to sk

‎02/10/2023 11:09 AM

Hello sk,

Thank you very much for your help!

I understand it is correct behavior from Saviynt perspective.  if I set it as "NOACTION", the issue is it will keep that account active in Saviynt but in reality, the target system have already removed the account. So two systems are not consistent anymore. The import CSV file is generated based on current target system existing account data.

What should I do for this situation? Ideally, I want Saviynt to remove the account that does not exist in target anymore.

or at least in DEV env, it let me test all situations and clean up the system accordingly for next round of testing. Any good idea please?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to alc

‎02/10/2023 04:15 PM

As for GDPR and audit concern you can’t delete account object and other objects from EIC. You need to keep in SFIS status


Regards,
Rushikesh Vartak
0 Kudos

alc
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎02/11/2023 08:11 AM - edited ‎02/11/2023 08:15 AM

Hello Rushikesh,

Thanks for your remind. that is correct from GDPR perspective. It would be great if we have some flexibility in DEV env. you know there is no actual data in DEV env. 

By the way, when I import account and account/entitlement assignment entries with SchemaAccountImport job, although I have USERNAME/ACCOUNTNAME for each entry. and the account and user association is maintained correctly. But the account was set Orphan to true by Saviynt. Why it is orphan even it is assigned to the user correctly?  

How can I control the account is orphan or not?

Thanks!

Preview file
78 KB
0 Kudos

rushikeshvartak
All-Star
All-Star
In response to alc

‎02/11/2023 08:57 AM

orphan flag is known issue


Regards,
Rushikesh Vartak
0 Kudos

alc
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎02/12/2023 05:12 AM

Hello Rushikesh,

Thanks let me know this is bug. any expected fix date on which version?

In addition, Could you please have a temp solution for this issue? Can I build custom user update rules or SQL Statements to fix it?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to alc

‎02/13/2023 10:13 PM

You can try update account task (it may work), Custom query is last option


Regards,
Rushikesh Vartak
0 Kudos
Copyright © 2023 Khoros, LLC