Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Orphan Account Certification

tuhink
Regular Contributor
Regular Contributor

‎07/04/2024 07:00 AM

We have a requirement that the orphan accounts need to be certified. If the certifier revokes the account, it should be disabled. I was trying to create Application Owner Campaign where I have used the below queries to get the orphan accounts/mentioned specific accounts in advanced config.

accountkey in (select ACCOUNTKEY from accounts where ENDPOINTKEY=123 and status in (1,'Active','Manually Provisioned') and name not like 'abc-%' and ACCOUNTKEY not in (select distinct ACCOUNTKEY from user_accounts))

or

accountkey in (123,1234)

When I launch the certification, it only shows the entitlements of those accounts; it doesn't show the base accounts to certify.

Below are the config details. Please help how can I make changes to this config to include the base accounts as well.

tuhink_0-1720101384587.png

tuhink_1-1720101433884.png

tuhink_2-1720101459766.png

tuhink_3-1720101488963.png

tuhink_4-1720101511105.png

tuhink_5-1720101538906.png

tuhink_6-1720101569653.png

 

 

 

 

 

0 Kudos
8 REPLIES 8

rushikeshvartak
All-Star
All-Star

‎07/04/2024 07:05 AM

Since its orphan it won’t show

https://forums.saviynt.com/t5/identity-governance/active-orphan-accounts-application-owner-campaign/...


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

tuhink
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎07/04/2024 07:14 AM

@rushikeshvartak thank you for your quick response. Is there any other way around to certify the orphan accounts only?

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to tuhink

‎07/04/2024 07:19 AM

Using service account certification


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

tuhink
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎07/04/2024 09:54 PM

Tried with that as well. But after launching the certification its getting 100% completed. The Primary Certifier is set up in the orphan accounts. Do I need to make any other changes?

tuhink_0-1720155225668.png

 

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to tuhink

‎07/04/2024 11:02 PM

Account Type and Account owner is mandatory 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM
Honored Contributor II
Honored Contributor II
In response to tuhink

‎07/04/2024 11:02 PM

@tuhink , application owner campaign shows base account.

0 Kudos

NM
Honored Contributor II
Honored Contributor II

‎07/04/2024 10:29 PM

Hi @tuhink can you map the orphan account to admin and then check if it gets pulled in certification.

0 Kudos

dgandhi
All-Star
All-Star

‎07/05/2024 08:44 AM

Orphan accounts will be included by default in the application owner campaign. Remove the advance query that you gave and see if orphan accounts are included or not.

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

0 Kudos
Copyright © 2024 Khoros, LLC