Click HERE to see how Saviynt Intelligence is transforming the industry. |
05/23/2024 06:03 AM
Hi,
We would like to be able to bulk update (for current and future accounts) our primary AD accounts account type to Primary in order to configure our AD Endpoint Primary Account Type to Primary. This is to make sure Birthright rules apply only to primary accounts.
In our environment, the systemusername property on identities is equal to the AD account name of the primary account for all our users.
Would it be possible to share the high-level steps required to automatically update the account type to Primary for all accounts where the user systemusername associated to the account is equal to the account name?
Thank you for the help,
05/23/2024 11:12 AM
Hi @glegault ,
The below solution works if you are using S4S DB connector. (Refer - Solved: Re: How can we bulk update "Account Type" attribut... - Saviynt Forums - 18694)
<![CDATA[Select a.name as name, s.SYSTEMNAME as securitysystem,e.ENDPOINTNAME as endpoint,
(CASE
WHEN a.endpointkey=30 THEN 'Primary Account'
WHEN a.endpointkey=70 THEN 'Disabled Account'
WHEN a.endpointkey IN(200,210) THEN 'Service Account'
WHEN a.endpointkey IN(80,90,100,110,120) THEN 'Privileged Account'
END) as accounttypename
from Accounts a
inner join user_accounts ua on ua.accountkey=a.accountkey
inner join users u on ua.userkey=u.userkey
inner join endpoints e on e.endpointkey=a.endpointkey
inner join securitysystems s on s.systemkey=e.SECURITYSYSTEMKEY
where a.endpointkey IN(30,70) and u.systemusername=a.name]]>
</sql-query>
<mapper description="This is the mapping field for SAviynt Field name" deleteaccountentitlement="true" ifusernotexists="noaction">
<mapfield saviyntproperty="accounts.name" sourceproperty="name" type="character"></mapfield>
<mapfield saviyntproperty="accounts.accounttype" sourceproperty="accounttypename" type="character"></mapfield>
<mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"></mapfield>
<mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"></mapfield>
</mapper>
If this helps, please select Accept As Solution and hit Kudos
05/24/2024 05:33 AM
Hi PremMahadikar,
Thank you for the information. We will look into this at some point in the future but not for the next few weeks, I am keeping your JSON sample as I think it could be used for our needs after some changes to fit our environment needs. Thank you.
05/23/2024 11:15 AM
You can update account type using account import sheet one time.
05/24/2024 05:35 AM
Hi rushikeshvartak,
Thank you for the information. I will look at the provided articles but I think the JSON sample provided by PremMahadikar should allow us to accomplish what we are trying to do even if I cannot test this and confirm at this point.