Click HERE to see how Saviynt Intelligence is transforming the industry. |
05/29/2024 12:36 AM - edited 05/29/2024 12:37 AM
Hi Experts,
I need help with updating the JSON for disabling accounts in Saviynt. Specifically, I want to set the endDate, description, and a random password in AD when the account is disabled.
{
"moveUsertoOU": "OU=Saviynt_Disabled_Accounts,OU=W,DC=X,DC=Y",
"deleteAllGroups": "No",
"userAccountControl": "514",
"endDate": "${Date.Format(Date.Format(${user.enddate}, 'MM-dd-yyyy'), 'yyyy-MM-dd')}",
"unicodePwd": "${randomPassword}",
"description": "${'User Disabled via saviynt - Moved: ' + Date.Format(new Date(), 'yyyy/MM/dd') + ' - Delete: ' + Date.Format(Date.AddDays(new Date(), 30), 'yyyy/MM/dd') + ' - Do not enable account - see KBA 2950'}"
}
Error in Conversion for endDate:
Description Not Updating:
Thank you in advance for your assistance.
Best regards,
Rohit A Mishra
Solved! Go to Solution.
05/29/2024 01:58 AM
@Rohit_Mishra try below:
"endDate": "${user.enddate.format('MM-dd-yyyy',TimeZone.getTimeZone('Etc/UTC'))}",
"description": "User Disabled via saviynt - Moved: ${new java.text.SimpleDateFormat('yyyy-MM-dd').format(new Date())} - Delete: ${Date.Format(Date.AddDays(new Date(), 30), 'yyyy/MM/dd')} - Do not enable account - see KBA 2950}"
05/30/2024 12:26 AM
Hi Raghu,
Thanks.... Description worked 🙂
How ever will you help me with setting random password as well we are setting unicodePwd with custom pass in create account and we want it to be random once disabled what we can use here
Regards
Rohit A Mishra
05/30/2024 01:10 AM
Thanks for update. @Rohit_Mishra
As mentioned Rushi "password": "${randomPassword}", it not working earlier other user got faced same issue
05/30/2024 01:20 AM
Hi Raghu,
I am using this to update password
"password": "${'rAnD' + (Math.abs(new Random().nextInt() % 999) + 1) + 'temporary'}"
However the description is then not getting set and without this description is working. any idea what is going on here
05/30/2024 02:16 AM
@Rohit_Mishra try like below
"password": "'rAnD' ${(Math.abs(new Random().nextInt() % 999) + 1)} 'temporary'"
05/29/2024 11:20 PM
Its seems issue https://forums.saviynt.com/t5/identity-governance/randompassword-causes-date-variable-not-to-resolve...
05/30/2024 12:28 AM
Hi Rushi,
Thanks for the reply, could you please help me in setting password as random in disable account JSON
Regards
Rohit A Mishra
05/30/2024 02:25 AM
Hi @Rohit_Mishra , attach a password policy in SS and then use ${password} variable in json
05/31/2024 04:13 AM
Hi Experts,
Thanks for the help the custom one worked, one last question if possible please answer, can we pass description in Enable account JSON as we have passed and its not updating
{
"USEDNFROMACCOUNT": "YES",
"DISABLEACCOUNTCHECKRULE": [
"CN=${task.accountName},OU=Saviynt_Disabled_Accounts,OU=EHC_Test,DC=X,DC=Y"
],
"ATTRIBUTESTOCHECK": {
"sAMAccountName": "${task.accountName}",
"sn": "${user.lastname}",
"givenName": "${user.firstname}"
},
"MOVEDN": "YES",
"ENABLEACCOUNTOU": "OU=Saviynt_Test,OU=EHC_Test,DC=X,DC=Y",
"AFTERMOVEACTIONS": {
"userAccountControl": "512",
"description": "Enabled by Saviynt"
},
"REMOVEGROUPS": "NO",
"RESETPASSWORD": "NO"
}
06/03/2024 08:14 PM
You can pass.