and more in a single search tool across platforms. Read the announcement here. |
01/12/2023 05:07 AM
Hi,
Is there any way in Saviynt to re-evaluate the technical rules if account attribute for a specific endpoint are updated.
I understand it is not possible via User-update rules, but is there any other way to configure this usecase.
Regards,
Mahak
01/12/2023 10:33 AM
Even technical rules are based on user object. They cannot run on account level changes.
01/12/2023 02:36 PM
There no account update rule. But what’s rationale behind use case ?
01/13/2023 12:35 AM
Hi,
We are currently using the following tech rule.
a.statuskey=1 and a.username in (select distinct u1.username from User_accounts us, Accounts cc,Users u1 where u1.userkey=us.userkey and us.accountkey=cc.accountkey and cc.endpointkey=3 and cc.customproperty5='ABC' and cc.status in (1,'Active','Manually Provisioned'))
Which Adds Access to Group: CN=ABC,ou=Saviynt,dc=company,dc=com
This rule ensures that upon user creation only the user's where Account CP5='ABC' are given access to the group.
Now, i would want to re-evaluate the rule when account's CP5 is changed to some other value and the user must lose access to the group and get assigned to a new group based on the CP5 change.
Since there is no account update rule, i am working on other ways this usecase can be achieved.
Kind Regards,
Mahak
01/17/2023 09:23 PM
Use automated actionable report