Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

I want to assign a user who already has an Entitlement to a member of the Enterprise Role

Go to solution
JohnDoe
Regular Contributor
Regular Contributor

‎12/21/2023 10:14 PM

Hello guys,

 

We are currently migrating to production.
We created roles for each department after linking the currently running AzureAD and Active Directory accounts to users.
Therefore, each user has the Entitlements required for each department, but is not a member of Role.

In this case, is there a way to retrofit users to members of Role?
Because there are nearly 5000 users, this cannot be done manually.

Thanks,

Labels:
0 Kudos
2 REPLIES 2

Go to solution
pmahalle
All-Star
All-Star

‎12/21/2023 11:02 PM

HI @JohnDoe 

You should be able to use the "Upload Role Association" feature to achieve your use case...pmahalle_0-1703228300261.png

Upon uploading and importing the .csv file successfully and based on the configurations you select at the time of role upload, the role must get created(If not already present in the system), the role must get assigned to the user, add access tasks must be created for the entitlements in the role(and in the csv file), If the entitlements are already assigned to the user's account, tasks with status "No Action Required" must get created and stay in the "Completed Tasks" tab. The 'ASSIGNEDFROMROLES' columns in the "account_entitlements1" table should also get populated with the respective role keys...

PFA sample file that I used and the screen below is the configuration I used at the time of "Upload Role Association".

pmahalle_1-1703228300866.png

Preview of my .csv file before confirming upload...pmahalle_2-1703228300881.png

pmahalle_3-1703228300815.png

Tasks with "No Action Required" status that got created as part of the .csv file upload...pmahalle_4-1703228300824.png

 

View of account_entitlements1 prior to and after uploading roles via"Upload Role Association" where ASSIGNEDFROMROLES were not populated...
Query: select ACCENTKEY, ACCOUNTKEY,  ARSTASKKEY, ASSIGNEDFROMCOMPROLE, ASSIGNEDFROMROLE, ASSIGNEDFROMROLES, ENTITLEMENT_VALUEKEY from account_entitlements1 where accountkey = 103088 and ENTITLEMENT_VALUEKEY in (748537, 748650, 749403)

pmahalle_5-1703228300742.png

pmahalle_6-1703228300687.png

Tips: First test requesting for an enterprise role via ARS and ensure the tasks are getting created as expected. This is to ensure that
a) the role is set up correctly and is in 'Active' Status
b) the entitlements in the role are requestable and the entitlement type configuration(endpoint->Entitlement Type-> Request Option) is configured to create tasks(table in my case)


Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂
Preview file
1 KB
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎12/21/2023 11:22 PM

You need to upload the mapping manually. Mapping of assignedfromeroles can be automated not role assignement


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC