Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Not able to generate new account task for "Manually Suspended" Accounts

NPY
New Contributor III
New Contributor III

Hello,

We have some applications with Provisioning connection only (no reconciliation). As such when the accounts for these applications are terminated, they stay as "Manually Suspended" in Saviynt.

It is confirmed that such accounts don't exist in the target after termination. But when we try to trigger a create account task for such "manually suspended" accounts, we get an error message as follows:

"Account with same name already associated to the user, so no action is required for this task" which is not true.

I believe this is due to not having reconciliation. Since we don't reconcile the accounts for such applications, how can we trigger create account tasks? I tried changing the status to "inactive", "manually suspended from import service", and 0.  

In the account name rule we have listed "active" and "manually provisioned" for check unique account.

NPY_0-1722513406912.png

 

 

7 REPLIES 7

NM
Honored Contributor II
Honored Contributor II

Hi @NPY,

If you have to use the same name then you have to suspend the account you can use enhanced query to do the same.

NPY
New Contributor III
New Contributor III

Could you please let me know what the enhanced query is to suspend?

I used the following to change the status but I continue to get the same error message- "Account with same name already associated to the user, so no action is required for this task" 

select 'Suspended from Import Service' as accounts__status, ACCOUNTKEY as accounts__primarykey from accounts where accountkey = '65536'; It changed the status to Suspended. 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II

Hi @NPY ,

Use SUSPENDED FROM IMPORT SERVICE and also change account name to deleted on 

NPY
New Contributor III
New Contributor III

@rushikeshvartak @NM 

Thank you for the input. We want to run enhanced query job and schedule it for an endpoint to change the account name and status for the accounts in 'Manually Suspended' State.

Could you please validate if the following query achieves the purpose:

SELECT
CONCAT(ac.name, '-Deleted on-', SYSDATE()) AS accounts__name,
'SUSPENDED FROM IMPORT SERVICE' AS accounts__status,
ac.accountkey AS accounts__primarykey FROM accounts ac where STATUS= 'Manually Suspended' and endpointkey=194

 

Query is correct you can make dynamic also so no need to updat

SELECT
CONCAT(ac.name, '-Deleted on-', SYSDATE()) AS accounts__name,
'SUSPENDED FROM IMPORT SERVICE' AS accounts__status,
ac.accountkey AS accounts__primarykey FROM accounts ac,endpoints e where ac.STATUS= 'Manually Suspended' and ac.endpointkey=e.endpointkey and e.endpointname='Rushi'

e endpointkey in different environments

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II

Hi @NPY if using alias use it everywhere (always preferable) ..ac.status and ac.endpointkey

Looks good as such..