Click HERE to see how Saviynt Intelligence is transforming the industry. |
12/21/2023 11:19 AM
Hi all,
Our client would like to use Saviynt to manage the AD Secretary field, which is meant to contain a DN, similar to how "Manager" works.
At provisioning time, we do have access to the managerAccount binding variable that allows us to retrieve the manager's account DN.
Would there be a way to retrieve the secretary's account in a similar fashion?
Thanks!
Solved! Go to Solution.
12/21/2023 11:29 AM
Use
userAccount variable
12/21/2023 12:01 PM
I believe this will give me the current user's account... I am trying to get another's identity's account in that endpoint
12/21/2023 12:06 PM
You will get all accounts user have you need to loop and get
12/21/2023 12:13 PM
Let's say user1 has an administrative assistant: user2. How can I update user1's AD account to set secretary to user2's AD account DN. This is another identity entirely, similar to how managerAccount represents the account of another identity...
12/21/2023 02:10 PM
That won't be possible. User needs to be same.
01/10/2024 07:15 AM
So it is impossible to retrieve the account information of a given application for another identity (say userX) when provisioning/updating an account in the application for userY, excepted for the manager (by using usersManagerObj) ?
I find it hard to believe, I will submit an idea on this...
Thanks!
01/10/2024 07:10 PM
Yes please submit idea
02/19/2024 05:53 AM
Found a workaround to this through preprocessor and additionaltables:
This is used at user import time to flow the secretary's AD account DN to the identity based on the secretary's email address:
ADAccounts.cp1 = Account DN
ADAccounts.cp26 = email Address
Identity cp18 = Assistant's email address
{
"ADDITIONALTABLES": {
"ADACCOUNTS": "select customproperty26,customproperty1 from accounts where endpointkey=3 and customproperty26 is not null"
},"COMPUTEDCOLUMNS": [
"customproperty19"
],
"TABLEINDEXES": {
"currentadaccounts": [
"customproperty26"
]
},
"PREPROCESSQUERIES": [
"UPDATE NEWUSERDATA SET CUSTOMPROPERTY19=(SELECT CURRENTADACCOUNTS.customproperty1 from CURRENTADACCOUNTS WHERE CURRENTADACCOUNTS.CUSTOMPROPERTY26 = customproperty18)"
]
}