Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

LDAP & Local Account Authentication

lionelrl
New Contributor III
New Contributor III

Dear Team, 

We want to enable LDAP authentication and local account authentication to work at the same time. LDAP authentication for users and local for the application that access Saviynt to pull logs. Could you please let us know how to implement it?

-Lionel

8 REPLIES 8

nimitdave
Saviynt Employee
Saviynt Employee

LDAP Authentication:

https://docs.saviyntcloud.com/bundle/SSM-Admin-v55x/page/Content/Chapter07-General-Administrator-Tas...

 

How other application users will be pulling logs? We only support export of audit through analytics and Saviynt REST APIs. We do not expose application logs. For invoking REST APIs, you need to have a user woth localauthenabled=1 for that user. It can be done using custom query job.

lionelrl
New Contributor III
New Contributor III

yes, you are correct. We want to pull audit logs via. REST API.

 

Thanks,

Lionel

nimitdave
Saviynt Employee
Saviynt Employee

lionelrl
New Contributor III
New Contributor III

I can already fetch the audit logs via API, I want to enabled local account auth to do it. I'll going to try localauthenabled=1 , will let you know how it goes. 

 

 

-Lionel

lionelrl
New Contributor III
New Contributor III

I do not see localauthenabled column in the users table, we are on 23.5 version. 

lionelrl_0-1686838584851.pnglionelrl_1-1686838690529.png

 

 

lionelrl
New Contributor III
New Contributor III

We found that the schema has changed int he new version. So the query is as follows

  • Custom Query - update users set LOCALE=1 where username='username';

[EDITED]: I stand corrected, this is not the right solution, not sure how it worked for 2 account  when we did this 😞

NageshK
Saviynt Employee
Saviynt Employee

@lionelrl the column is indeed present but it appears that access is prevented for data analyzer. It should had been for security reasons as this is a sensitive field. For your requirement though you can still go ahead execute customquery job with the following query. Try it and let us know if the query executes successfully or not

update users set localauthenabled = b'1' where username = ''

mention the username accordingly in the above query

Thanks,

Nagesh K 

lionelrl
New Contributor III
New Contributor III

Hi Nagesh,

The query is working as expected and we are able to perform local authentication. 

 

Thanks,

Lionel