Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Oracle DB Entitlement Import - Duplicate Entry

Go to solution
UwarajWaman
New Contributor III
New Contributor III

‎11/21/2022 02:09 AM

Hi,

I am using 'DB Connector' to import 'roles' from Oracle database. I was able to execute the 'Entitlements Import from Database (EntitlementValueImportJob)' job successfully first time and import all the roles in 'active' status.

The subsequent executions of the job are throwing me following error -

Duplicate entry 'XDB_WEBSERVICES_OVER_HTTP-13-XDB_WEBSERVICES_OVER_HTTP' for key 'ENTITLEMENTID'

Following is my 'EntitlementValueImport' XML -

<dataMapping>
<before-import>
</before-import>
<sql-query description="This is the Source DB Query">
<![CDATA[
SELECT DISTINCT role as entvalue, 'Role' as entitlementname, 'Oracle_ORT02530' as securitysystem, 'Oracle_ORT02530' as endpoint, 1 as entstatus FROM SYS.DBA_ROLES
]]>
</sql-query>
<mapper description="This is the mapping field for Saviynt Field name"  entnotpresentaction="noaction" createentitlementtype="true">
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"></mapfield>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"></mapfield>
<mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="entitlementname" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.entitlement_value" sourceproperty="entvalue" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.entitlement_glossary" sourceproperty="entvalue" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.description" sourceproperty="entvalue" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.status" sourceproperty="entstatus" type="number"></mapfield>
<mapfield saviyntproperty="entitlementvalues.entitlementid" sourceproperty="entvalue" type="character"></mapfield>
<mapfield saviyntproperty="entitlementvalues.displayname" sourceproperty="entvalue" type="character"></mapfield>
</mapper>
<after-import description="EMAIL,BATCH,SQL">
</after-import>
</dataMapping>

I believe the job is trying to re-import/re-create the entitlements on every execution whereas it should only 'add' if entitlement does not exist else 'update' or 'noaction'.

Need help to identify what I am missing or misconfigured.

Thanks,

Uwaraj Waman

Labels:
0 Kudos
6 REPLIES 6

Go to solution
rushikeshvartak
All-Star
All-Star

‎11/21/2022 09:08 AM

Remove entitlementid mapping

<mapfield saviyntproperty="entitlementvalues.entitlementid" sourceproperty="entvalue" type="character"></mapfield>

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Go to solution
sk
All-Star
All-Star

‎11/21/2022 03:28 PM

I see you hardcoded Role as entitlementname in the query and mapped it to entitlementtypes.entitlementname and also you set createentitlementtype="true". So quick question on this.

Do you have entitlement type 'Role' already created on Oracle_ORT02530 endpoint? Or, Are you expecting it to be created as part of import job?

If you are not expecting it to be created as part of import job can you set createentitlementtype="false"


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to sk

‎11/21/2022 05:15 PM

Endpoint and security system name is hardcoded 🙂


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

Go to solution
UwarajWaman
New Contributor III
New Contributor III
In response to rushikeshvartak

‎11/22/2022 01:25 AM

@rushikeshvartak

Both endpoint and security system are Saviynt related terms and their values do not exist in the target database hence I had to hardcode them. I would like to use the database name and type as endpoint and security system ideally, but I couldn't find a way to create a generic DB connection by fetching endpoint and security system names dynamically from the request and using it in connection string. If that's possible then I would not have to create 100s of db connections, one each for 100s of database that we want to connect to.

Let me know if my understanding is incorrect and there is a better way to implement this.

0 Kudos

Go to solution
UwarajWaman
New Contributor III
New Contributor III
In response to sk

‎11/22/2022 01:19 AM

@skI wanted to create the 'entitlement type' as part of the first import so kept the createentitlementtype="true". The job did create the entitlement type on first execution and does not complain with subsequent executions even after keeping the value as 'true'.

0 Kudos

Go to solution
UwarajWaman
New Contributor III
New Contributor III

‎11/22/2022 01:16 AM

@rushikeshvartak@skThanks for chiming in with the suggestions. Really appreciate your help. Removing the mapping for 'entitlementid' did the trick. I got all entitlements (roles) re-imported with 'blank' entitlementid but the job does not throw errors on subsequent executions now.

0 Kudos
Copyright © 2024 Khoros, LLC