Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/25/2024 02:33 AM - last edited on 06/25/2024 04:32 AM by Sunil
Hello All,
We have to setup a DB connection to bring in the access level along with the actual entitlement. Below is how the data looks on the target end -
ACCESS_LEVEL | ACTUAL_ENTITLEMENT | APPLICATION_USER_TKEY |
RW | AFFLT | UserXXXX |
Here the access level read-write is associated with the entitlement AFFLT for the user.
Could you please suggest what approach we could take to represent the account entitlement association under account details?
I am thinking of considering AFFLT as the parent entitlement and RW as child of AFFLT? Is that the correct way? If so, how do we set that up?
basically, in Saviynt, how can we show the relation between 'AFFLT' and 'RW'?
[This message has been edited by moderator to merge reply comment]
06/25/2024 05:58 AM
Hi @Gurukrishna96 ,
try using entitlement type privileges.
If you need more details on how this work, practical use case, refer this : https://docs.saviyntcloud.com/bundle/Thycotic-v24x/page/Content/Understanding-the-Integration-betwee...
You dont need to reconcile RW / R etc from endpoint , these generally doesn't change and you can setup it while creating entitlement types.
When some body request entitlement , Saviynt will ask them Read or Write or something else, and you can provision that in DB
Thanks,
Amit
If this answers your query, Please ACCEPT SOLUTION and give KUDOS.
06/25/2024 08:47 PM
<dataMapping>
<sql-query description="This is the Source DB Query">
<![CDATA[select systemname,endpointname,etkey1,etkey2,ev1,ev2 from db_import_ent]]>
</sql-query>
<mapper description="This is the mapping field for Saviynt Field name">
<mapfield saviyntproperty="securitysystems1" sourceproperty="systemname" type="character"></mapfield>
<mapfield saviyntproperty="securitysystems2" sourceproperty="systemname" type="character"></mapfield>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="applicationname" type="character"/>
<mapfield saviyntproperty="endpoints1" sourceproperty="endpointname" type="character"></mapfield>
<mapfield saviyntproperty="endpoints2" sourceproperty="endpointname" type="character"></mapfield>
<mapfield saviyntproperty="entitlementtypes1" sourceproperty="etkey1" type="character"></mapfield>
<mapfield saviyntproperty="entitlementtypes2" sourceproperty="etkey2" type="character"></mapfield>
<mapfield saviyntproperty="entitlements2.entitlement_value1" sourceproperty="ev1" type="character"></mapfield>
<mapfield saviyntproperty="entitlements2.entitlement_value2" sourceproperty="ev2" type="character"></mapfield>
</mapper>
</dataMapping>
Ent 2 DB XML - https://docs.saviyntcloud.com/bundle/Database-v24x/page/Content/Configuring-the-Integration-for-Impo...
06/26/2024 01:32 AM
Hi @rushikeshvartak and @Amit_Malik Thanks for the suggestions.
In our scope of integration, we do not have provisioning but only reconciliation at the moment, so I feel that we need to import rather than setup the privilege at entitlement type level in Saviynt as access level is is going to be reviewed during certification.
Also, could you pls help me understand the below 2 xml lines -
<mapfield saviyntproperty="entitlements2.entitlement_value1" sourceproperty="ev1" type="character"></mapfield> <mapfield saviyntproperty="entitlements2.entitlement_value2" sourceproperty="ev2" type="character"></mapfield>
1. What is entitlements2? is it the actual entitlement type OR read-write privilege entitlement type?
2. entitlement_value1 and entitlement_value2 will have what values?
3. Will the above mapping require a different connection/security system and import job? Please explain in detail in case you've previously seen a similar requirement. I'm not able to understand much based on the documentation