and more in a single search tool across platforms. Read the announcement here. |
05/16/2023 04:42 AM
Here use case is that if a user is having both F3 and E3 license than in that case it should keep the most recent provisioned entitlement and deprovision the existing older entitlement.
Ex. If E3 was provisioned today 16th May and F3 was provisioned 14th may than F3 should be deprovisioned.
I have used account_entitlements1 table to compare the startdate of both F3 and E3 entitlements and select min date and accordingly take deprovisioning action on it.
select min(date(ae1.startdate)) as Min_date,ev.entitlement_value,a.name,a.accountkey as acctKey, e.endpointkey as endPntkey,ev.entitlement_valuekey AS entvaluekey,'Deprovision ACCESS' as Default_Action_For_Analytics from account_entitlements1 ae1 join accounts a on a.accountkey=ae1.accountkey
left join user_accounts ua on a.accountkey = ua.accountkey
left join users u on ua.userkey = u.userkey
left join endpoints e on e.endpointkey = a.endpointkey left join entitlement_values ev on ev.entitlement_valuekey=ae1.entitlement_valuekey
where e.endpointname='Active Directory - DEV' and ae1.entitlement_valuekey in (6760,6852) group by a.name having count(*) > 1
The problem here is the result always reflect E3 entitlement, when we filter based on minimum or even maximum date.
Can anyone please help here to view what is the problem here.
Regards,
Saksham
05/17/2023 01:34 PM
Hi @PKSAKS
Can you explain your use case with more details? If user should have only single entitlement at a time then there are other ways to implement this use case? Please provide more details so that we can provide optimal solution.
Thanks
05/18/2023 12:02 AM
Thanks prasannta.
Here the usecase is that if an account is having two entitlements Ex. A & B from the same endpoint than we need to compare which is not the recent one (i.e older entitlement) and deprovision it accordingly. Keeping only the new one.
When you say there are other means, can you explain other than above how can we achieve this scenario.
Regards,
Krishna
05/18/2023 05:48 PM
Hi @PKSAKS
You can link entitlements using entitlement map. You can add entitlements in that map and select the option to exclude entitlements. This configuration specifies whether you want to exclude mapped entitlements when the entitlement is requested through Access Requests.
Let me know if this configuration will meet you requirement.
Thanks
05/19/2023 01:40 AM
Hi Prasannta,
The usecase is very simple.
I dont think it will resolve the issue. Also how will entitlement map resolve this issue. Can you explain in more depth.
Regards,
Saksham
05/19/2023 04:15 AM