Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Regarding User Update Rule

sumagalla
New Contributor III
New Contributor III

The below user update rule advanced query is not working as expected. Even though I have given a condition of accounttype as Primary, the task is getting triggered for the accounttype Secondary too, Could you please check and let me know what I have to correct in the query to trigger the task only for the Primary accounttype.


(##a.displayname isupdated##) and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname='AD' and cc.accounttype='Primary')

19 REPLIES 19

NM
Esteemed Contributor
Esteemed Contributor

Hi @sumagalla , is accountype populated in account.

Check the query in data analyzer does it give right results ??


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

stalluri
Valued Contributor II
Valued Contributor II

@sumagalla 
User regular queries and add accounttype at endpoint level. This will only pick Primary accounts.

Screenshot 2024-09-20 at 9.32.00 AM.png

or

(##a.displayname isupdated##) and a.id in (SELECT DISTINCT us.userkey FROM User_accounts us, Accounts ac WHERE us.accountkey = ac.accountkey AND ac.accounttype = 'Primary' AND ac.endpointkey=<XXXXXXXX>)


Best Regards,
Sam Talluri
If you find this a helpful response, kindly consider selecting Accept As Solution and clicking on the kudos button.

rushikeshvartak
All-Star
All-Star

Please share logs in text format
Could you kindly provide a detailed snapshot of the information extracted from the logs, encompassing errors and other pertinent functionality details encountered during the execution of this process? Your assistance in furnishing this information would greatly aid in the analysis and resolution of any issues .



‼️‼️⚠️Do not upload any attachments that contain sensitive information, such as IP Addresses, URLs, Company/Employee Names, Email Addresses, etc.⚠️ ‼️‼️Refer https://forums.saviynt.com/t5/help/faqpage/title/WhenNotifyAboutPII



Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

I have tried the ones which @stalluri and @NM have suggested, they are not working.

@rushikeshvartak Please find attached the logs.

The user update rule name: Workday_Updates_to_AD_for_Primary_Account

username: test000279

NM
Esteemed Contributor
Esteemed Contributor

Hi @sumagalla logs doesn't seem to contain details regarding the rule ..

How do you identify the account is primary add that field in user update condition.


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

sumagalla
New Contributor III
New Contributor III

In the single endpoint we have Primary and Secondary accounts, there is an enhanced query which runs to update the Primary value in the account type of the users account. I have added the below value in the user update rule, which also have accounttype.

(##a.displayname isupdated##) and a.id in (select distinct us.userkey from User_accounts us, Accounts cc, Endpoints ep where us.accountkey=cc.id and cc.endpointkey =ep.id and ep.endpointname='AD' and cc.accounttype='Primary')

 

 

When rules triggered?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

It is creating two taks for AD, one is for primary account and other for secondary account. Not understanding why it's triggering for secondary account too even though I have given the condition to trigger only for primary account.

Did you added account type under endpoint as primary account


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Yes, it is already there.

 

sumagalla_0-1727049028877.png

 

Share logs in text file


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sumagalla
New Contributor III
New Contributor III

Please find attached the logs

The user update rule name: Workday_Updates_to_AD_for_Primary_Account

username: test000279

Tasks Created: 125570, 125569

sumagalla
New Contributor III
New Contributor III

PFA the logs

sumagalla
New Contributor III
New Contributor III

Any update on this ?

You can create enhanced query job to discontinue task created from rule ( source='ZERODAY' or 'PROVRULE) and for secondary account


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

@sumagalla : Can you share the screenshot of the update rule?  Workday_Updates_to_AD_for_Primary_Account

From the logs I see it was running different query than what you have used so wanted to double check the rule


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

sumagalla
New Contributor III
New Contributor III

Please find the rule below:

sumagalla_0-1727188673160.png

 

Full screenshot please with rule name and trigger when


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sumagalla
New Contributor III
New Contributor III

Please find the user update rule full screenshot below

sumagalla_0-1727270337619.png