Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Not able to generate new account task for "Manually Suspended" Accounts

Go to solution
NDY
New Contributor III
New Contributor III

‎08/01/2024 04:58 AM - edited ‎08/01/2024 05:17 AM

Hello,

We have some applications with Provisioning connection only (no reconciliation). As such when the accounts for these applications are terminated, they stay as "Manually Suspended" in Saviynt.

It is confirmed that such accounts don't exist in the target after termination. But when we try to trigger a create account task for such "manually suspended" accounts, we get an error message as follows:

"Account with same name already associated to the user, so no action is required for this task" which is not true.

I believe this is due to not having reconciliation. Since we don't reconcile the accounts for such applications, how can we trigger create account tasks? I tried changing the status to "inactive", "manually suspended from import service", and 0.  

In the account name rule we have listed "active" and "manually provisioned" for check unique account.

NPY_0-1722513406912.png

 

 

0 Kudos
7 REPLIES 7

Go to solution
NM
Honored Contributor III
Honored Contributor III

‎08/01/2024 05:31 AM

Hi @NDY,

If you have to use the same name then you have to suspend the account you can use enhanced query to do the same.


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
0 Kudos

Go to solution
NDY
New Contributor III
New Contributor III

‎08/01/2024 05:35 AM

Could you please let me know what the enhanced query is to suspend?

I used the following to change the status but I continue to get the same error message- "Account with same name already associated to the user, so no action is required for this task" 

select 'Suspended from Import Service' as accounts__status, ACCOUNTKEY as accounts__primarykey from accounts where accountkey = '65536'; It changed the status to Suspended. 

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to NDY

‎08/01/2024 06:46 AM


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Go to solution
NM
Honored Contributor III
Honored Contributor III

‎08/01/2024 05:43 AM

Hi @NDY ,

Use SUSPENDED FROM IMPORT SERVICE and also change account name to deleted on 


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Go to solution
NDY
New Contributor III
New Contributor III

‎08/02/2024 05:57 AM

@rushikeshvartak @NM 

Thank you for the input. We want to run enhanced query job and schedule it for an endpoint to change the account name and status for the accounts in 'Manually Suspended' State.

Could you please validate if the following query achieves the purpose:

SELECT
CONCAT(ac.name, '-Deleted on-', SYSDATE()) AS accounts__name,
'SUSPENDED FROM IMPORT SERVICE' AS accounts__status,
ac.accountkey AS accounts__primarykey FROM accounts ac where STATUS= 'Manually Suspended' and endpointkey=194

 

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to NDY

‎08/02/2024 05:24 PM

Query is correct you can make dynamic also so no need to updat

SELECT
CONCAT(ac.name, '-Deleted on-', SYSDATE()) AS accounts__name,
'SUSPENDED FROM IMPORT SERVICE' AS accounts__status,
ac.accountkey AS accounts__primarykey FROM accounts ac,endpoints e where ac.STATUS= 'Manually Suspended' and ac.endpointkey=e.endpointkey and e.endpointname='Rushi'

e endpointkey in different environments

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
NM
Honored Contributor III
Honored Contributor III

‎08/02/2024 06:15 AM

Hi @NDY if using alias use it everywhere (always preferable) ..ac.status and ac.endpointkey

Looks good as such..


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
Copyright © 2024 Khoros, LLC