Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

O365 Connector - Account threshold setting

Abhay_Yadav
New Contributor II
New Contributor II

‎09/06/2024 09:33 AM - edited ‎09/06/2024 09:35 AM

Hi All,

We have a requirement to un-correlate inactive accounts from Identity. This is for Rehire use case, on rehire for birthright to work properly old application accounts should not be mapped to identity. We are creating new entra account on rehire.

Can you please help us with below queries:

1. How can we set Status_Threshold_Config in O365 connector for sharepoint. Need to set it as below with "correlateInactiveAccounts": false as the setting.

{"statusAndThresholdConfig": {
"statusColumn": "customproperty11",
"activeStatus": [
"false"
],
"deleteLinks": true,
"accountThresholdValue": 10,
"correlateInactiveAccounts": false,
"inactivateAccountsNotInFile": true,
"deleteAccEntForActiveAccounts": false
}}

2. If above is not possible is there a way to filter out disabled Sharepoint accounts in O365 connector and not import them at all. Or if we can filter them based on any attribute that would also work.

Regards,

Abhay Yadav

Labels:
0 Kudos
9 REPLIES 9

rushikeshvartak
All-Star
All-Star

‎09/06/2024 09:51 AM

You can't uncorrelated the account once its mapped in import 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

NM
Honored Contributor II
Honored Contributor II

‎09/06/2024 10:16 AM

Hi @Abhay_Yadav you can do a one time thing and un- correlate the account via csv

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to NM

‎09/06/2024 10:28 AM

You can overwrite / replace but can’t u correlate using csv


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Abhay_Yadav
New Contributor II
New Contributor II

‎09/09/2024 12:29 AM

Hi @rushikeshvartak , @NM ,

We would like to avoid any kind of manual intervention in LCE and birthrights.

Accounts for other application gets uncorrelated if i use the above threshold json. 

In O365 there is one more issue, it imports Azure AD groups also. Now during termination the tasks for Azure Ad account and access deprovision gets created for and Same Azure AD groups deprovisioning tasks gets created for Sharepoint as well. Sharepoint tasks fails because Azure AD tasks would have already removed the access.

Is there a way to not generate tasks on deprovisioning for certain entitlement types or not import Azure AD groups in Sharepoint O365.

Regards,

Abhay Yadav

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Abhay_Yadav

‎09/09/2024 05:59 AM

  • What is connector type ?
  • You can use enhanced query to discontinue such tasks 

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Abhay_Yadav
New Contributor II
New Contributor II
In response to rushikeshvartak

‎09/10/2024 12:59 AM

Hi @rushikeshvartak ,

Connector type is Office 365

Regards,

Abhay Yadav

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Abhay_Yadav

‎09/10/2024 06:41 AM

You need to use enhanced query


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Abhay_Yadav
New Contributor II
New Contributor II
In response to rushikeshvartak

‎09/10/2024 08:07 AM

Hi @rushikeshvartak.,

Enhanced query can be used to discontinue the tasks that's fine.

What can we do for not importing terminated/disabled accounts in O365 for sharepoint.

Regards,

Abhay Yadav

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to Abhay_Yadav

‎09/10/2024 08:11 AM

I don't see any configuration available in OOTB Connector.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC