Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Service Account creation / Accountnamerule

fouriefb
Regular Contributor
Regular Contributor

‎11/24/2022 02:31 AM

Hi Experts,

Looking for some assistance with Service account creation(AD). From what I understand is that Accountnamerule for service account is at Endpoint and not connector (for AD). Do I have this right?

Currently generic account creation working from connector, but service account was failing due to not getting a unique DN for the account where it seems to look for the person's account requesting the new account from Service account tile.

Any sample JSON from anyone having this working correctly?

Thanks in advance

Frikkie

Labels:
0 Kudos
3 REPLIES 3

rushikeshvartak
All-Star
All-Star

‎11/24/2022 09:25 PM

Which sample json?

yes account name for service account configurable under endpoint


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

fouriefb
Regular Contributor
Regular Contributor
In response to rushikeshvartak

‎11/25/2022 02:37 AM

Thanks for the response, I am looking for CreateaccountJSON that provides for service account creation to AD.

Currently my JSON can provision a normal user account with no problem (see below) but service account cannot get created with this.

Basically need UPN and displayname created and then adding owner to account

{
"cn": "${user.username}",
"userAccountControl": "512",
"name": "${user.systemUserName}",
"employeeID": "${user.username}",
"sn": "${user.lastname==null?'':user.lastname}",
"displayName": "${user.firstname} ${user.lastname}",
"givenName": "${user.firstname}",
"userPrincipalName": "${user.username}@talanos.local",
"title": "${user.title}",
"mail": "${user.email}",
"department": "${user.departmentname==null?'':user.departmentname}",
"sAMAccountName": "${user.username}",
"manager": "${managerAccount==null?'':managerAccount.accountID}",
"mobile": "${user.phonenumber==null?'':user.phonenumber}",
"l": "${user.location}",
"employeeType": "${user.employeeType}",
"userPassword": "${randomPassword}",
"objectclass" : [
"top",
"person",
"organizationalPerson",
"user"
]
}

Thanks for your inputs

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to fouriefb

‎11/25/2022 04:19 AM

You need to use if else / ternary condition based on accounttype dynamic attribute which only exist in service account


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC