Here use case is that if a user is having both F3 and E3 license than in that case it should keep the most recent provisioned entitlement and deprovision the existing older entitlement.
Ex. If E3 was provisioned today 16th May and F3 was provisioned 14th may than F3 should be deprovisioned.
I have used account_entitlements1 table to compare the startdate of both F3 and E3 entitlements and select min date and accordingly take deprovisioning action on it.
select min(date(ae1.startdate)) as Min_date,ev.entitlement_value,a.name,a.accountkey as acctKey, e.endpointkey as endPntkey,ev.entitlement_valuekey AS entvaluekey,'Deprovision ACCESS' as Default_Action_For_Analytics from account_entitlements1 ae1 join accounts a on a.accountkey=ae1.accountkey
left join user_accounts ua on a.accountkey = ua.accountkey
left join users u on ua.userkey = u.userkey
left join endpoints e on e.endpointkey = a.endpointkey left join entitlement_values ev on ev.entitlement_valuekey=ae1.entitlement_valuekey
where e.endpointname='Active Directory - DEV' and ae1.entitlement_valuekey in (6760,6852) group by a.name having count(*) > 1
The problem here is the result always reflect E3 entitlement, when we filter based on minimum or even maximum date.
Can anyone please help here to view what is the problem here.
Regards,
Saksham
Hi @PKSAKS
You can link entitlements using entitlement map. You can add entitlements in that map and select the option to exclude entitlements. This configuration specifies whether you want to exclude mapped entitlements when the entitlement is requested through Access Requests.
Let me know if this configuration will meet you requirement.
Thanks
