Saviynt Forums

Murmur · ‎07/02/2024

Hi everyone,

I'm wondering, why Saviynt4Saviynt Accounts are unassigned from users, when running a Deprovision Access Task. All other accounst, such as AD still keep linked to the user, yet the S4S account is removed.

After applying the below User Update rule, the user gets disabled. When looking in the accounts, all of them are still visible and inactive, except the S4S account.

When looking in the Account, I see, that the username is suddenly empty:

User Update Rule used:

rushikeshvartak · ‎07/02/2024

Que
Does it happening after user update rule ? If yes
share logs
does it working in previous version?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Murmur · ‎07/02/2024

To be exact, it happens after the first Application Data Import (Accounts).

The User Account Correlation rule for the endpoint still applies.

About the previous versions I can't tell. I expect so, but I don't have access to anything before 24.5.

I'll upload the logs, when my tests finished.

Murmur · ‎07/02/2024

@rushikeshvartak

It seems the selection during the import is limited to users with Statuskey='1'.

Affected User: 000062_SendPasswordUser

"2024-07-02T14:50:33.803+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-17-gx2jr","DEBUG","Parameters are [sEcho:1, iColumns:4, sColumns:, iDisplayStart:0, iDisplayLength:5, mDataProp_0:FK, mDataProp_1:username, mDataProp_2:firstname, mDataProp_3:lastname, sSearch:, bRegex:false, sSearch_0:, bRegex_0:false, bSearchable_0:true, sSearch_1:, bRegex_1:false, bSearchable_1:true, sSearch_2:, bRegex_2:false, bSearchable_2:true, sSearch_3:, bRegex_3:false, bSearchable_3:true, iSortCol_0:0, sSortDir_0:asc, iSortingCols:1, bSortable_0:false, bSortable_1:true, bSortable_2:true, bSortable_3:true, radio:radio, userNotToshow:1084, all:usermanager, jsontype:datatable, controller:workflowmanagement, action:alluserofloggedmanagerjson, max:5, offset:0]"
"2024-07-02T14:50:33.803+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-52-gx2jr","DEBUG","SQL:::|SELECT *  from USERS this_ where (this_.STATUSKEY=1|and not (this_.USERKEY in (1084)))|"
"2024-07-02T14:50:33.804+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-52-gx2jr","DEBUG","fetch data completed.."
"2024-07-02T14:50:33.804+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-17-gx2jr","DEBUG","Count of users 904 "
"2024-07-02T14:50:33.806+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-17-gx2jr","DEBUG","SQL:::|SELECT *  from USERS this_ where (this_.STATUSKEY=1|and not (this_.USERKEY in (1084)))|"
"2024-07-02T14:50:33.806+00:00","ecm","ws.Restfulv5Controller","http-nio-8080-exec-8-gx2jr","DEBUG","Disable Audit Logging : true"
"2024-07-02T14:50:33.806+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-17-gx2jr","DEBUG","fetch data completed.."
"2024-07-02T14:50:33.807+00:00","ecm","ws.Restfulv5Controller","http-nio-8080-exec-8-gx2jr","DEBUG","Default max limit is set to 50"
"2024-07-02T14:50:33.808+00:00","ecm","ws.Restfulv5Controller","http-nio-8080-exec-8-gx2jr","DEBUG","inside getEcmVersion"
"2024-07-02T14:50:33.808+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-8-gx2jr","DEBUG","contentType - text/json"
"2024-07-02T14:50:33.809+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-8-gx2jr","DEBUG","contentTypeFromConfig - application/json"
"2024-07-02T14:50:33.820+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-41-gx2jr","DEBUG","proceed since user has been granted admin access.."
"2024-07-02T14:50:33.821+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-41-gx2jr","DEBUG","fetch data start.."
"2024-07-02T14:50:33.822+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-41-gx2jr","DEBUG","Parameters are [sEcho:1, iColumns:6, sColumns:, iDisplayStart:0, iDisplayLength:5, mDataProp_0:FK, mDataProp_1:username, mDataProp_2:firstname, mDataProp_3:lastname, mDataProp_4:systemUserName, mDataProp_5:email, sSearch:, bRegex:false, sSearch_0:, bRegex_0:false, bSearchable_0:true, sSearch_1:, bRegex_1:false, bSearchable_1:true, sSearch_2:, bRegex_2:false, bSearchable_2:true, sSearch_3:, bRegex_3:false, bSearchable_3:true, sSearch_4:, bRegex_4:false, bSearchable_4:true, sSearch_5:, bRegex_5:false, bSearchable_5:true, iSortCol_0:0, sSortDir_0:asc, iSortingCols:1, bSortable_0:false, bSortable_1:true, bSortable_2:true, bSortable_3:true, bSortable_4:true, bSortable_5:true, radio:radio, userNotToshow:1084, status:1, all:owneronterminate, jsontype:datatable, controller:workflowmanagement, action:alluserofloggedmanagerjson, max:5, offset:0]"
"2024-07-02T14:50:33.823+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-41-gx2jr","DEBUG","Count of users 904 "
"2024-07-02T14:50:33.824+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-41-gx2jr","DEBUG","SQL:::|SELECT *  from USERS this_ where (this_.STATUSKEY=1|and not (this_.USERKEY in (1084)))|"
"2024-07-02T14:50:33.824+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-41-gx2jr","DEBUG","fetch data completed.."
"2024-07-02T14:50:33.826+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-15-gx2jr","DEBUG","proceed since user has been granted admin access.."
"2024-07-02T14:50:33.827+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-15-gx2jr","DEBUG","fetch data start.."
"2024-07-02T14:50:33.828+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-15-gx2jr","DEBUG","Parameters are [sEcho:1, iColumns:6, sColumns:, iDisplayStart:0, iDisplayLength:5, mDataProp_0:FK, mDataProp_1:username, mDataProp_2:firstname, mDataProp_3:lastname, mDataProp_4:systemUserName, mDataProp_5:email, sSearch:, bRegex:false, sSearch_0:, bRegex_0:false, bSearchable_0:true, sSearch_1:, bRegex_1:false, bSearchable_1:true, sSearch_2:, bRegex_2:false, bSearchable_2:true, sSearch_3:, bRegex_3:false, bSearchable_3:true, sSearch_4:, bRegex_4:false, bSearchable_4:true, sSearch_5:, bRegex_5:false, bSearchable_5:true, iSortCol_0:0, sSortDir_0:asc, iSortingCols:1, bSortable_0:false, bSortable_1:true, bSortable_2:true, bSortable_3:true, bSortable_4:true, bSortable_5:true, radio:radio, userNotToshow:1084, status:1, all:secondaryusermanager, jsontype:datatable, controller:workflowmanagement, action:alluserofloggedmanagerjson, max:5, offset:0]"
"2024-07-02T14:50:33.829+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-15-gx2jr","DEBUG","Count of users 904 "
"2024-07-02T14:50:33.829+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-15-gx2jr","DEBUG","SQL:::|SELECT *  from USERS this_ where (this_.STATUSKEY=1|and not (this_.USERKEY in (1084)))|"
"2024-07-02T14:50:33.830+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-15-gx2jr","DEBUG","fetch data completed.."
"2024-07-02T14:50:33.832+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-56-gx2jr","DEBUG","proceed since user has been granted admin access.."
"2024-07-02T14:50:33.833+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-56-gx2jr","DEBUG","fetch data start.."
"2024-07-02T14:50:33.834+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-56-gx2jr","DEBUG","Parameters are [sEcho:1, iColumns:6, sColumns:, iDisplayStart:0, iDisplayLength:5, mDataProp_0:FK, mDataProp_1:username, mDataProp_2:firstname, mDataProp_3:lastname, mDataProp_4:systemUserName, mDataProp_5:email, sSearch:, bRegex:false, sSearch_0:, bRegex_0:false, bSearchable_0:true, sSearch_1:, bRegex_1:false, bSearchable_1:true, sSearch_2:, bRegex_2:false, bSearchable_2:true, sSearch_3:, bRegex_3:false, bSearchable_3:true, sSearch_4:, bRegex_4:false, bSearchable_4:true, sSearch_5:, bRegex_5:false, bSearchable_5:true, iSortCol_0:0, sSortDir_0:asc, iSortingCols:1, bSortable_0:false, bSortable_1:true, bSortable_2:true, bSortable_3:true, bSortable_4:true, bSortable_5:true, radio:radio, userNotToshow:1084, notToShowLoggedInUser:true, all:dnduser, jsontype:datatable, controller:workflowmanagement, action:alluserofloggedmanagerjson, max:5, offset:0]"
"2024-07-02T14:50:33.836+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-56-gx2jr","DEBUG","Count of users 903 "
"2024-07-02T14:50:33.838+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-56-gx2jr","DEBUG","SQL:::|SELECT *  from USERS this_ where (this_.STATUSKEY=1|and not (this_.USERKEY in (1084, 16)))|"
"2024-07-02T14:50:33.838+00:00","ecm","workflow.WorkflowmanagementController","http-nio-8080-exec-56-gx2jr","DEBUG","fetch data completed.."
"2024-07-02T14:50:33.143+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","Exception in getUsername"
"2024-07-02T14:50:33.247+00:00","ecm","","null-gx2jr","","java.lang.NullPointerException: Cannot get property 'firstname' on null object    at com.saviynt.ecm.services.SaviyntCommonUtilityService.getUserDisplayName(SaviyntCommonUtilityService.groovy:7082) at gsp_ECM_usersshow_gsp$_run_closure2_closure5.doCall(gsp_ECM_usersshow_gsp.groovy:445)    at gsp_ECM_usersshow_gsp$_run_closure2.doCall(gsp_ECM_usersshow_gsp.groovy:841) at gsp_ECM_usersshow_gsp.run(gsp_ECM_usersshow_gsp.groovy:1141) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)    at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:158)  at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)   at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)   at java.lang.Thread.run(Thread.java:750)"
"2024-07-02T14:50:33.144+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","Exception in getUsername"
"2024-07-02T14:50:33.247+00:00","ecm","","null-gx2jr","","java.lang.NullPointerException: Cannot get property 'firstname' on null object    at com.saviynt.ecm.services.SaviyntCommonUtilityService.getUserDisplayName(SaviyntCommonUtilityService.groovy:7082) at gsp_ECM_usersshow_gsp$_run_closure2_closure5.doCall(gsp_ECM_usersshow_gsp.groovy:744)    at gsp_ECM_usersshow_gsp$_run_closure2.doCall(gsp_ECM_usersshow_gsp.groovy:841) at gsp_ECM_usersshow_gsp.run(gsp_ECM_usersshow_gsp.groovy:1141) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)    at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:158)  at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)   at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)   at java.lang.Thread.run(Thread.java:750)"
"2024-07-02T14:50:33.145+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","Exception in getUsername"
"2024-07-02T14:50:33.247+00:00","ecm","","null-gx2jr","","java.lang.NullPointerException: Cannot get property 'firstname' on null object    at com.saviynt.ecm.services.SaviyntCommonUtilityService.getUserDisplayName(SaviyntCommonUtilityService.groovy:7082) at gsp_ECM_usersshow_gsp$_run_closure2_closure5.doCall(gsp_ECM_usersshow_gsp.groovy:780)    at gsp_ECM_usersshow_gsp$_run_closure2.doCall(gsp_ECM_usersshow_gsp.groovy:841) at gsp_ECM_usersshow_gsp.run(gsp_ECM_usersshow_gsp.groovy:1141) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53)    at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:158)  at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59)   at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82)   at java.lang.Thread.run(Thread.java:750)"
"2024-07-02T14:50:33.149+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","Inside isReadOnlyUserProfile for username : 000062_SendPasswordUser"
"2024-07-02T14:50:33.149+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","isReadOnlyUserProfile configData : SaviyntSupportAgent1,SaviyntSupportAgent2,SaviyntSupportAgent3,systemadmin"
"2024-07-02T14:50:33.149+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","ReadOnlyUsers for UI : [SAVIYNTSUPPORTAGENT1, SAVIYNTSUPPORTAGENT2, SAVIYNTSUPPORTAGENT3, SYSTEMADMIN]"
"2024-07-02T14:50:33.150+00:00","ecm","services.SaviyntCommonUtilityService","http-nio-8080-exec-54-gx2jr","DEBUG","Exit isReadOnlyUserProfile for username : 000062_SendPasswordUser"

rushikeshvartak · ‎07/02/2024

Did you specified in status threshold config to map inactive accounts to user ?

{
"statusAndThresholdConfig": {
"accountThresholdValue": 100,
"correlateInactiveAccounts": true,
"inactivateAccountsNotInFile": false,
"statusColumn": "customproperty1",
"activeStatus": [
"active"
],
"deleteLinks": true
}
}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

NM · ‎07/02/2024

Hi @Murmur share your account import json is it db connector??

Murmur · ‎07/02/2024

Hi @NM,

It is just the default Saviynt4Saviynt Connector.

ImportAccountEntJSON:

{"acctEntParams":{"entTypes":{"SAVRoles":{"call":{"call1":{"acctKeyField":"accountID","callOrder":0,"processingType":"httpEntToAcct","pagination":{"offset":{"totalCountPath":999999999,"batchParam":"limit","batchSize":500,"offsetParam":"offset"}},"listField":"users","http":{"httpContentType":"application/json","httpHeaders":{"Authorization":"${access_token}"},"httpMethod":"GET","url":"https://mylab-dev.saviyntcloud.com/ECMv6/api/userms/savroles/${id}/users"},"entKeyField":"entitlementID","acctIdPath":"username","connection":"userAuth","stageNumber":1}}},"UserGroups":{"call":{"call1":{"callOrder":0,"processingType":"entToAcctMapping","stageNumber":0}}}}},"entitlementParams":{"entTypes":{"SAVRoles":{"call":{"call1":{"keyField":"entitlementID","callOrder":0,"listField":"savroles","http":{"successResponses":{"statusCode":[200,201]},"httpContentType":"application/json","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpMethod":"GET","url":"https://mylab-dev.saviyntcloud.com/ECMv6/api/userms/savroles"},"stageNumber":0,"colsToPropsMap":{"customproperty1":"CUSTOMPROPERTY1~#~char","entitlementID":"ROLENAME~#~char","entitlement_value":"ROLENAME~#~char"}}},"entTypeOrder":0},"UserGroups":{"call":{"call1":{"keyField":"entitlementID","callOrder":0,"pagination":{"offset":{"totalCountPath":"completeResponseMap.totalcount","batchParam":"max","batchSize":500,"offsetParam":"offset"}},"listField":"usergroups","http":{"httpParams":"","httpContentType":"application/json","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpMethod":"POST","url":"https://mylab-dev.saviyntcloud.com/ECM/api/v5/fetchUserGroup"},"stageNumber":0,"colsToPropsMap":{"acctEntMappingInfoColumnFromEnt":"STORE#ACC#ENT#MAPPINGINFO~#~char","entitlementID":"usergroupkey~#~char","entitlement_value":"user_groupname~#~char"}}},"acctEntMappings":{"keyField":"accountID","idPath":"username","listField":"owners","importAsAccount":false},"entTypeOrder":2}},"processingType":"SequentialAndIterative","connection":"userAuth"},"accountParams":{"call":{"call1":{"keyField":"accountID","callOrder":0,"pagination":{"offset":{"totalCountPath":999999999,"batchParam":"max","batchSize":500,"offsetParam":"offset"}},"listField":"results","http":{"httpContentType":"application/json","httpHeaders":{"Authorization":"${access_token}","Accept":"application/json"},"httpMethod":"GET","url":"https://mylab-dev.saviyntcloud.com/ECM/api/v5/user?q=accountExpired:0&fields=username,email,displayname,statuskey&sort=username&order=desc"},"stageNumber":0,"colsToPropsMap":{"accountID":"username~#~char","customproperty2":"email~#~char","customproperty11":"statuskey~#~char","displayName":"displayname~#~char","name":"username~#~char","status":"active~#~char"}}},"processingType":"SequentialAndIterative","connection":"userAuth","statusAndThresholdConfig":{"inactivateAccountsNotInFile":false,"activeStatus":[1],"deleteAccEntForActiveAccounts":true,"statusColumn":"customproperty11","accountThresholdValue":10,"correlateInactiveAccounts":false,"deleteLinks":true}}}

NM · ‎07/02/2024

Does it also happens when you perform action via ars?

Saviynt Forums

Saviynt4Saviynt Accounts unassigned, when User is disabled.