Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/01/2023 10:33 AM
Hi All,
Issue: New account created for users with inactive accounts
Issue Details: Users have an inactive account in AD and on their profile. When someone adds access to the role which is assigned to the user. An add access task is triggered with new account name with suffix 1,2,3..... as we have entitlements only at the security system level.
We have set the flag REUSEINACTIVEACCOUNT to TRUE in the connector:
Also, at the endpoint we have set disable new account if account already exists to true.
In the account name rule for the endpoint we have unique check to all
We are on v2021
Let me know if anything is missed.
Thanks,
Bhushan
09/04/2023 02:12 AM - edited 09/04/2023 02:12 AM
Hi @bhushan
You need to populate REUSEACCOUNTJSON parameter in the AD connection to prevent new account creation for inactive accounts with a suffix.
Please refer to the AD Connector for more details.
https://docs.saviyntcloud.com/bundle/AD-v23x/page/Content/Configuring-the-Integration-for-Provisioni...
Thanks
09/05/2023 07:52 AM
Hi @khalidakhter,
This solution is not working.
I have updated the connection as per the document. It still created a new account for the user with inactive account. The new account creation is as per accountnamerule in the endpoint.
Thanks,
Bhushan
09/05/2023 11:45 AM
@bhushanWould you kindly send the entire log of the WSRETRY job for the scenario of creating an account?
09/05/2023 12:13 PM
The account was created with a new accountname in EIC.
The issue we are facing is with EIC. Inactive account is not updated with the access. New account is created.
Thanks,
Bhushan