Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/18/2024 10:51 AM
Hey everyone
Got a situation where we have configured some conditionals in the disableaccountjson in our AD connection, JSON is as follows:
{
"deleteAllGroups": "${if(task?.source=='ANALYTICS_V2') {'No'} else {'Yes'}}",
"userAccountControl": "514",
"moveUsertoOU": "${if(task?.source!='ANALYTICS_V2') {'OU=Separations,OU=ISSecurity,dc=llbean,dc=com'}}",
"description": "${if(task?.source=='ANALYTICS_V2') {'Disabled by EIC due to account inactivity'} else {'Disabled by EIC'}}",
"employeeType": "${if(task?.source!='ANALYTICS_V2'){${if(user.employeeType.equals('Employee')) 'Separated E' else if (user.employeeType.equals('Contingent Worker')) 'Separated C'}}}"
}
The idea behind this process is: we have set automatic account disabling via actionable analytics when a users account hits 90 days of inactivity (analytic check last login in AD and Azure, and works perfectly)
The thing is that the behavior we're seeing is as follows:
Has anyone seen something similar before? Is there anything wrong with the conditionals? (they are working for the Analytic derived tasks though...)
Thanks in advance
09/18/2024 11:15 AM
{
"deleteAllGroups": "${task?.source == 'ANALYTICS_V2' ? 'No' : 'Yes'}",
"userAccountControl": "514",
"moveUsertoOU": "${task?.source != 'ANALYTICS_V2' ? 'OU=Separations,OU=ISSecurity,dc=llbean,dc=com' : 'DefaultOU'}",
"description": "${task?.source == 'ANALYTICS_V2' ? 'Disabled by EIC due to account inactivity' : 'Disabled by EIC'}",
"employeeType": "${task?.source != 'ANALYTICS_V2' ? (user.employeeType.equals('Employee') ? 'Separated E' : (user.employeeType.equals('Contingent Worker') ? 'Separated C' : 'DefaultType')) : 'DefaultType'}"
}
09/18/2024 11:50 AM
So basically translate to use ternary operator?
09/18/2024 11:53 AM
Yes