and more in a single search tool across platforms. Read the announcement here. |
09/05/2022 05:02 AM
Is it possible to determine if an application account has been manually correlated to a User?
I have one AD account that should be correlated to User A according to the endpoint correlation config, but it remains correlated to User B, which does not match the correlation rule, after full account recon jobs. Wondering if the account was manually correlated and might override correlation via account recon job.
09/05/2022 05:34 AM
Only way to find if account is correlated manually or via Job is using user_accounts table with updatedate & updateuser column
Accounts correlation get override only in some connector
09/08/2022 02:24 AM
@Paul_Meyer
As Rushikesh mentioned, use the user_accounts table information to validate who and when did this correlation happen :
To correct the user account correlation. You could use the below 3 options :
1. Update the correlation from UI by opening the account details page for the account.
2. Use the assign account to user API (assignAccountToUser)
3. Use a csv account upload and enable the 'Overwrite User Assigned' option
10/25/2022 01:53 AM
Based on the provided options, is the account recon task not capable of automatically re-correlating the Accounts to Users (based on the Endpoint correlation config) if the Endpoint correlation rule changes or the actual account data changes?
Are you required to manually intervene periodically to ensure that Accounts correlate to the correct Users?
Regards
Paul
10/25/2022 02:01 AM
Account correlation is not updated automatically if correlation rule is updated. You can have detective control ( analytics report ) you can have user name stored in accounts custom property and validate with saviynt account user correlation if its doesn’t match then you can update correlation using APi / csv /Manual as mentioned by Sahaj
10/25/2022 03:02 AM
And for account data changes?
For example, an AD account was correlated to the incorrect User account, based on incorrect account data. The account data was updated and doing a manual compare between the User and Account data should be a perfect match with the correct User based on the correlation rule. We have a large number of AD accounts that does not correlate regardless where the actual data matches exactly. The account data was updated after the initial account recon and we cannot get a full recon task to recorrelate the accounts.
10/25/2022 04:56 AM
Account Data will always come from target so it won’t be incorrect as this will be from one source & not from two source for same account for example AD + DB DATA coming to same account.
if AD mapping is incorrect you should find correct unique identifier and update your correlation rule & one time remove all mapping from user_accounts table with helps of operations team & correct it