Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Incremental User Import from AD

fy
New Contributor
New Contributor

‎09/26/2023 12:36 PM

Could someone provide some details on how to configure incremental import for users from AD?

 

Thanks

-Fran

Labels:
0 Kudos
8 REPLIES 8

AmitM
Valued Contributor
Valued Contributor

‎09/26/2023 01:06 PM

Hi Fran, you can find the details here 

https://docs.saviyntcloud.com/bundle/AzureAD-v2021x/page/Content/Import-Recommendations.htm

https://docs.saviyntcloud.com/bundle/AzureAD-v2021x/page/Content/Configuring-the-Integration-for-Acc...

 

Hope you are using OOTB Azure connector. Then it is just a matter of scheduling incremental jobs. I am not sure if you are using REST then it is possible or not.

AmitM_0-1695758786244.png

 

Note : Azure AD supports incremental import for only users and groups. When you run the incremental import, it performs a full import for other entitlement types and an incremental import for users and groups.

0 Kudos

SumathiSomala
All-Star
All-Star

‎09/26/2023 09:48 PM

Hi @fy 

Below sceenshot will help you to configure incremental import job for user

SumathiSomala_0-1695789953323.png

Refer the below docs for more details.

User Import via a Connection (UserImportJob) topic
Saviynt Documentation (saviyntcloud.com)
Importing users from AD
Configuring the Integration for Importing Users (saviyntcloud.com)
Let me know if it works

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

fy
New Contributor
New Contributor
In response to SumathiSomala

‎09/28/2023 10:04 AM

Thanks for your reply.

I managed to get AD incremental user import work. but I am running one issue which is all users who are not in the import feed got deactivated even though we set No Action in the Job configuration.

fy_0-1695920632386.png

Any idea on this issue?

 

Thanks

 

-Fran

0 Kudos

SumathiSomala
All-Star
All-Star
In response to fy

‎09/28/2023 10:14 AM - edited ‎09/28/2023 10:09 PM

@fy did you configure the STATUSKEYJSON parameter in connection? 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

fy
New Contributor
New Contributor
In response to SumathiSomala

‎09/28/2023 11:00 AM

Yes

{"STATUS_ACTIVE": ["Active","Active: Approver"],"STATUS_INACTIVE": ["Inactive",""]}

0 Kudos

SumathiSomala
All-Star
All-Star
In response to fy

‎09/28/2023 11:15 AM

@fy could you please share  USER_ATTRIBUTE mapping

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

fy
New Contributor
New Contributor
In response to SumathiSomala

‎09/28/2023 11:52 AM

Hi -,

This is our user_attribute

[
USERNAME::cn#String,
LASTNAME::sn#String,
FIRSTNAME::givenName#String,
DISPLAYNAME::displayName#String,
EMPLOYEEID::hpBPNumber#String,
EMAIL::mail#String,
COMPANYNAME::hpProviderID#String,
statuskey::hpStatus#String,
EMPLOYEECLASS::#CONST#Partner,
CUSTOMPROPERTY24::hpStatus#String,
CUSTOMPROPERTY30::hpStatus#String,
CUSTOMPROPERTY31::hpLiason#String,
systemUserName::sAMAccountName#String,
CREATEDATE::whenCreated#date,
UPDATEDATE::whenChanged#date,
RECONCILATION_FIELD::USERNAME
]

 

The hpStatus ='Active', or 'Active: Approver', or 'Inactive', or ""

0 Kudos

SumathiSomala
All-Star
All-Star
In response to fy

‎09/28/2023 10:16 PM

@fy Could you please try belowUSER_ATTRIBUTE JSON and also remove duplicate mappings.

STATUSKEYJSON Must cover all possible values for ACTIVE and INACTIVE .

[

USERNAME::cn#String,

LASTNAME::sn#String,

FIRSTNAME::givenName#String,

DISPLAYNAME::displayName#String,

EMPLOYEEID::hpBPNumber#String,

EMAIL::mail#String,

COMPANYNAME::hpProviderID#String,

statuskey::hpStatus#String,

EMPLOYEECLASS::#CONST#Partner,

CUSTOMPROPERTY24::hpStatus#String,

CUSTOMPROPERTY30::hpStatus#String,

CUSTOMPROPERTY31::hpLiason#String,

systemUserName::sAMAccountName#String,

CREATEDATE::whenCreated#date,

UPDATEDATE::whenChanged#date,

CUSTOMPROPERTY10::objectGUID#Binary,

RECONCILATION_FIELD::CUSTOMPROPERTY10

]

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos
Copyright © 2024 Khoros, LLC