Saviynt Forums

amitasingh · ‎04/29/2023

Hi Team,

I want to import users from Active Directory whose lastLogonTimestamp is higher than or equal to 60 days and set their customproperty1 value to "Inactive". How can I achieve this using connector.

SB · ‎05/01/2023

Can you confirm

1. If your are able to filter these records in LDAP browser.

2. if you only need to import the subset of users whose lastLogonTimestamp is higher than or equal to 60 days or all users.

3. If this is just subset of these users and if we are able to filter in LDAP browser, we can hardcode the value for CP1 in the json itself.

Regards,
Sahil

amitasingh · ‎05/01/2023

Hi Sahil,

I need to filter the subset of Users who's lastLogonTimestamp is equal to or more than 60 days using connector. So, I want to know that is it possible that during import from AD, we can use OBJECTFILTER to put some LDAP query to find the difference between current timestamp and user lastLogonTimestamp. If yes than please provide me the sample query. If no than where can I put the condition to filter Inactive users in connector. Right now I put the below query in object filter:

(&(objectCategory=person)(objectClass=user)(lastLogonTimeStamp<=131248332000000000)(!(lastLogonTimeStamp=0)))

But here I give hardcore lastLogonTimeStamp value. But I don't think so this is the correct way to filter subset of Inactive users. So, please provide me the solution.

SB · ‎07/19/2023

I wanted to check if this is still an issue or was it fixed.

Regards,
Sahil

Saviynt Forums

Inactive Users Filter from Active Directory