12-09-2022 06:10 AM
Due to an implementation, we need to create users, in Active Directory, with sub users to their main account, example rabita, so for that user to do test in prod, we are creating sub account like rabita1, rabita2 etc.
Is there a way to create a reconcile job in SAVIYNT base of the first 6 letter of the user SamAccount to the main User in SAVIYNT, because right now i have the main user with is principale SamAccount, and all of is "sub" account are not identify to a main user in SAVIYNT
Solved! Go to Solution.
12-09-2022 06:33 AM
12-09-2022 06:39 AM - edited 12-09-2022 06:40 AM
Yes because they are not been created via SAVIYNT but directly in AD.
We are still young in SAVIYNT and we are not that mature to be able to create “Sub SamAccount” directly into SAVIYNT to the same user. So our AD Sys Admin are creating those user directly in AD with the HR Employee ID with a letter at the end so when we go into SAVIYNT – Active Directory – Accounts, I see the main SamAccount map to our Main Saviynt User but is other SamAccount or without a user so we would like to reconcile them with the first 6 caracter of those SamAccount.
12-09-2022 06:44 AM
12-09-2022 09:26 AM
Thank you we will check it out
12-09-2022 09:29 AM
If you have any common filed b/w Saviynt User and AD account like Employee ID then use that as condition in user account correlation rule on Endpoint level. Otherwise you can use advanced query to get substring of samaccountname and match with username or systemusername to correlate
12-12-2022 07:04 AM - edited 12-12-2022 07:33 AM
I'm working with Pascal on this problem. We have customproperty6 ending with letters when the user has more than one account in Active Directory. User account has the unique employeeid. We are trying to reconciliate with the employeeid using this User Account Correlation rule:
employeeid = CONCAT(LEFT(customproperty6, CHAR_LENGTH(customproperty6) - 1), IF(RIGHT(customproperty6, 1) REGEXP '[a-z]' = 0, RIGHT(customproperty6, 1), ''))
Saviynt does not seem to reconciliate the Active Directory accounts with this rule.
Any other idea we can try? Maybe it's correct but is there a way to run this with the Active Directory accounts already in Saviynt?
Thank you in advance.
12-12-2022 11:38 AM
users.employeeid = CONCAT(LEFT(accounts.customproperty6, CHAR_LENGTH(accounts.customproperty6) - 1), IF(RIGHT(accounts.customproperty6, 1) REGEXP '[a-z]' = 0, RIGHT(accounts.customproperty6, 1), ''))
Please share cp6 of accounts and employee id screenshot if above does not work
12-12-2022 11:53 AM
With this change @rushikeshvartak will it reconcile those Account under the same user even if those accounts are already in SAVIYNT?
12-12-2022 12:00 PM
12-12-2022 12:27 PM
12-12-2022 12:30 PM