Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

random password, endDate and description is not working in Disable account JSON

Go to solution
Rohit_Mishra
New Contributor III
New Contributor III

‎05/29/2024 12:36 AM - edited ‎05/29/2024 12:37 AM

 

Hi Experts,

I need help with updating the JSON for disabling accounts in Saviynt. Specifically, I want to set the endDate, description, and a random password in AD when the account is disabled.

Desired JSON Configuration:

{
"moveUsertoOU": "OU=Saviynt_Disabled_Accounts,OU=W,DC=X,DC=Y",
"deleteAllGroups": "No",
"userAccountControl": "514",
"endDate": "${Date.Format(Date.Format(${user.enddate}, 'MM-dd-yyyy'), 'yyyy-MM-dd')}",
"unicodePwd": "${randomPassword}",
"description": "${'User Disabled via saviynt - Moved: ' + Date.Format(new Date(), 'yyyy/MM/dd') + ' - Delete: ' + Date.Format(Date.AddDays(new Date(), 30), 'yyyy/MM/dd') + ' - Do not enable account - see KBA 2950'}"
}

 

Issues Encountered:

  1. Error in Conversion for endDate:

    • When both endDate and unicodePwd are included, I receive an "will not perform" message.
    • Removing endDate resolves the error, but another message appears stating "Error in conversion attribute" we don't have the logs downloaded

  2. Description Not Updating:

    • When endDate and unicodePwd are removed, the pending task gets cleared, but the description does not update after the import.

Assistance Needed:

  • How can I correctly format and implement endDate to avoid the conversion error?
  • How can I ensure that the description field updates properly after the import?
  • How can I update the password as random after disablement

Thank you in advance for your assistance.

Best regards,
Rohit A Mishra

0 Kudos
10 REPLIES 10

Go to solution
Raghu
All-Star
All-Star

‎05/29/2024 01:58 AM

@Rohit_Mishra  try below:

"endDate": "${user.enddate.format('MM-dd-yyyy',TimeZone.getTimeZone('Etc/UTC'))}",

"description": "User Disabled via saviynt - Moved: ${new java.text.SimpleDateFormat('yyyy-MM-dd').format(new Date())} - Delete: ${Date.Format(Date.AddDays(new Date(), 30), 'yyyy/MM/dd')} - Do not enable account - see KBA 2950}"


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Go to solution
Rohit_Mishra
New Contributor III
New Contributor III
In response to Raghu

‎05/30/2024 12:26 AM

Hi Raghu,

Thanks.... Description worked 🙂

How ever will you help me with setting random password as well we are setting unicodePwd with custom pass in create account and we want it to be random once disabled what we can use here

Regards 

Rohit A Mishra

0 Kudos

Go to solution
Raghu
All-Star
All-Star
In response to Rohit_Mishra

‎05/30/2024 01:10 AM

Thanks for update. @Rohit_Mishra 

As mentioned Rushi "password": "${randomPassword}", it not working earlier other user got faced same issue

https://forums.saviynt.com/t5/identity-governance/randompassword-causes-date-variable-not-to-resolve...

 


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.
0 Kudos

Go to solution
Rohit_Mishra
New Contributor III
New Contributor III
In response to Raghu

‎05/30/2024 01:20 AM

Hi Raghu,

 I am using this to update password

"password": "${'rAnD' + (Math.abs(new Random().nextInt() % 999) + 1) + 'temporary'}"

However the description is then not getting set and without this description is working. any idea what is going on here

0 Kudos

Go to solution
Raghu
All-Star
All-Star
In response to Rohit_Mishra

‎05/30/2024 02:16 AM

@Rohit_Mishra  try like below

"password": "'rAnD' ${(Math.abs(new Random().nextInt() % 999) + 1)} 'temporary'"


Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.
0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎05/29/2024 11:20 PM

Its seems issue https://forums.saviynt.com/t5/identity-governance/randompassword-causes-date-variable-not-to-resolve... 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Go to solution
Rohit_Mishra
New Contributor III
New Contributor III
In response to rushikeshvartak

‎05/30/2024 12:28 AM

Hi Rushi,

Thanks for the reply, could you please help me in setting password as random in disable account JSON

Regards

Rohit A Mishra

0 Kudos

Go to solution
NM
Honored Contributor II
Honored Contributor II

‎05/30/2024 02:25 AM

Hi @Rohit_Mishra , attach a password policy in SS and then use ${password} variable in json

Go to solution
Rohit_Mishra
New Contributor III
New Contributor III

‎05/31/2024 04:13 AM

Hi Experts, 

Thanks for the help the custom one worked, one last question if possible please answer, can we pass description in Enable account JSON as we have passed and its not updating

 

{

  "USEDNFROMACCOUNT": "YES",

  "DISABLEACCOUNTCHECKRULE": [

    "CN=${task.accountName},OU=Saviynt_Disabled_Accounts,OU=EHC_Test,DC=X,DC=Y"

  ],

  "ATTRIBUTESTOCHECK": {

    "sAMAccountName": "${task.accountName}",

    "sn": "${user.lastname}",

    "givenName": "${user.firstname}"

  },

  "MOVEDN": "YES",

  "ENABLEACCOUNTOU": "OU=Saviynt_Test,OU=EHC_Test,DC=X,DC=Y",

  "AFTERMOVEACTIONS": {

    "userAccountControl": "512",

"description": "Enabled by Saviynt"

  },

  "REMOVEGROUPS": "NO",

  "RESETPASSWORD": "NO"

}

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star
In response to Rohit_Mishra

‎06/03/2024 08:14 PM

You can pass.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos
Copyright © 2024 Khoros, LLC