Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

remove user account correlation, make all accounts orphan

rajsannidhi
Regular Contributor
Regular Contributor

‎10/16/2023 10:12 AM

We created a new AD endpoint, for user account correlation rule we used user company attribute to match with customproperty attribute on the account which caused lot of incorrect mappings.

(users.username) = accounts.name OR (users.companyname) = accounts.CUSTOMPROPERTY27

We tried removing the user account correlation rule, ran account imports but accounts are still correlated to incorrect users

Is it possible to make all accounts orphan and then update user account correlation rule, later run account import jobs or any other options to resolve this issue?

Thank You.

Labels:
0 Kudos
3 REPLIES 3

Saathvik
All-Star
All-Star

‎10/16/2023 11:37 AM

@rajsannidhi : There is no straightforward way to do this. We have option to override the correlation as part of import using csv but no option to uncorrelate the user. Since you are in 5.5.x version. Only way I can think of is using custom query job update user_accounts table and make user key as null for such accounts


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
0 Kudos

rajsannidhi
Regular Contributor
Regular Contributor

‎10/16/2023 12:19 PM

@Saathvik Thank you for the details, yes I tried account upload selecting "YES for Overwrite User Assigned" as below, with blank user owner. It didn't work, tried 'Update & Add' also for operation column

Account Nameowner userendpointoperation
ABCD XYZupdate
XYZS XYZupdate
 
rajsannidhi_2-1697481797092.png
I tried below custom query, but its not working, am I missing anything ?

 

Update saviyntaws.user_accounts ua
join saviyntaws.accounts a on ua.accountkey = a.accountkey
join saviyntaws.endpoints ep on a.endpointkey = ep.endpointkey
set ua.userkey='null'
where ep.endpointkey IN ('11')
and a.accountkey IN ('1564')
 
0 Kudos

rajsannidhi
Regular Contributor
Regular Contributor

‎10/16/2023 01:02 PM

@Saathvik joined users table, this also didn't work 

Update saviyntaws.user_accounts ua
join saviyntaws.users u on ua.userkey = u.userkey
join saviyntaws.accounts a on ua.accountkey = a.accountkey
join saviyntaws.endpoints ep on a.endpointkey = ep.endpointkey
set ua.userkey=null
where ep.endpointkey IN ('63')
and a.accountkey IN ('172811')

0 Kudos
Copyright © 2024 Khoros, LLC