Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Provision Access based on account customproperty

Sitarasmi
Regular Contributor
Regular Contributor

Hi Team,

We have a requirement where we have 2 type of accounts(Primary, external) for a single endpoint. So the, requirement is whenever an update rule is called like department name is updated and as per the  technical rule if condition matches user will be added to 1 AD group. We want group will be added only to Primary Account not external Account. We can differentiate between primary and secondary account through Accounts customproperty.
Please let us know how this can we achieved.

Thanks,

Sitarasmi

8 REPLIES 8

ejeong
Valued Contributor
Valued Contributor

How abt using prmiary account type feature under Endpoint?

Sitarasmi
Regular Contributor
Regular Contributor

Hi,

Can you please elaborate ? Unable to understand.

Thanks,
Sitarasmi

ejeong
Valued Contributor
Valued Contributor

You can specify what primay account type is in endpoint. Then tech rule will create tasks for the primary account type only.

Manu269
All-Star
All-Star

@Sitarasmi 

A user can have multiple types of accounts within an endpoint, such as - User Account, Service Account, Privileged Account. Here, a primary account can be selected amongst these multiple accounts, for which the relevant tasks can be created.

Hence, if a user has two accounts a and b and if you want the entitlement to be assigned to only account a and NOT account b then you need to provide the accountType value of account a from the Database, which will assign entitlements only to account a of user and NOT to account b.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

SumathiSomala
All-Star
All-Star

@Sitarasmi 

Yes,The Primary Account Type parameter available in the Endpoint show page can be used for controlling add access tasks triggered from the Technical Rule.

SumathiSomala_0-1701263810028.png

 

Refer Controlling Add Access Tasks for Primary Account Type in an Endpoint section in below doc

Uploading Technical Rules (saviyntcloud.com)

 

If this reply answered your question, please accept it as a solution and kudos.

Regards,
Sumathi Somala

If this reply answered your question, please Accept As Solution and give Kudos.

rushikeshvartak
All-Star
All-Star

Refer : https://forums.saviynt.com/t5/did-you-know/did-you-know-how-and-why-you-set-up-primary-account-type/...


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Sitarasmi
Regular Contributor
Regular Contributor

Hi All,

Thanks for your reply, but I am not getting any option under Endpoint to select Primary account type

Sitarasmi_0-1701325879181.png

Anything I am missing here ?

Thanks,

Sitarasmi

Did you define the accounts type in accounts?

Please refer the docs shared by @rushikeshvartak 

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.