Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Issue with Entitlement Onwer reconciliation

Rashmi
New Contributor
New Contributor

Hi Team,

We have 2 type of AD accounts in our environment. One is Admin account and other is normal account. Admin accounts are added to admin groups and normal accounts are added normal groups. We have a separate connection AD connection for Admin groups. 

We are trying to reconcile the owner of the admin groups from AD to Saviynt using the OOTB groupImportMapping Configuration.

However, the owner mapping is being skipped and we receive the below error message.  

] DEBUG services.AdImportService  - No account for entitlement_valuekey - 2558x having managedBy attr - CN=Rishabh Pant - XXXXX,OU=Active Users,OU=Americas - North,OU='', hence mapping skipped

Since Regular account are owner of Admin groups, user account will not be present under Admin account endpoint.

 

Please help us understand if we can bypass account presence validation while reconciliation with any configuration change to avoid this issue

4 REPLIES 4

NM
Regular Contributor III
Regular Contributor III

Hi @Rashmi, entitlement owner in AD are admin accounts or standard?? 

smithamg
Regular Contributor
Regular Contributor

Hi @NM , entitlement owner in AD are standard accounts

@smithamg : It is not possible to map accounts from different endpoint as owners.


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

rushikeshvartak
All-Star
All-Star
  • Owner account should exists under same endpoint. Cross endpoint owners are not allowed

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.