Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Question regarding New Account task for logical AD apps

dgandhi
All-Star
All-Star

‎09/18/2024 08:52 AM

Hi All,

We are following below document for configuring logical AD applications:

https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Logical-Active-Directory-Applications.htm

As per this document , we need to set below configuration at Security System Level

<< Select EntitlementsOnly for the Create Task action in the security system. >>

Based on this configuration it will not create "New Account" task for ARS based request, but my doubt is what happens to Joiner use case. Will system create new account task for this Security system?

Checked below forum post where similar kind of requirement was mentioned but didnt get the desired output.

Logical Application Issue - Creating new account w... - Saviynt Forums - 107449

 

 

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

0 Kudos
1 REPLY 1

rushikeshvartak
All-Star
All-Star

‎09/18/2024 08:56 AM - edited ‎09/18/2024 09:18 AM

Refer https://forums.saviynt.com/t5/identity-governance/task-remains-in-pending-state-even-after-running-p... 

EntitlementsOnly usages

  • To avoid creating account task 
  • Code internally creates task along with add access task
  • rushikeshvartak_1-1726674969902.png

    https://forums.saviynt.com/t5/identity-governance/how-to-prevent-no-entitlement-account/m-p/63014#M3...

  • https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter02-Identity-Repository/Creat...

     

    Create Task Action

    This field allows the administrator to define creating tasks for both accounts and entitlements or only entitlements. The parameter provides you the following options:

    • Select: This is the default option, this option creates the tasks for both account and entitlements. If the entitlement request is rejected and the account is approved, the account is provisioned along with the task creation of the account. As entitlement is rejected, a task is created for entitlement but entitlement request is denied.

    • EntitlementsOnly: Select this option to prevent creating a separate Create Account task, when creating an account and entitlement are requested together.

      • If EntitlementsOnly is selected and the approver completes approving the account and entitlement, the task for entitlement is created after completing approval of account and entitlement. An account is created only after approval of the entitlement request. No task is created for the account.

      • Use this option to create a task for entitlements only and wait for the entitlement to get approved, and then create an account.

      • Using this option you can also create Add Access tasks for the entitlements that are available in Entitlements with New Account tab.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC