Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/24/2024 03:12 AM
Hi Experts,
We are facing one issue with the SNOW recon. Earlier we have the below logic to correlate the accounts with user profile
(concat(SUBSTRING(users.email,1,LOCATE("@",users.email)-1),"@domain.com") = accounts.name)
Basically, in the above logic we are forming UPN value and checking it against accounts name. Now recently there has been some changes implemented in SNOW as per that once the users are offboarded, their UPN will be changed to some other value eg: terminated_{emp_id}
After few days when we executed the recon job, it initially failed for threshold value breached, we then checked those accounts and found out that it's failing due to the existing (already correlated accounts) not getting found in the incoming accounts list, then we realised that it was indeed due to the UPN attribute value change.
In an attempt to fix this we have synced all the accounts sys_id with the user CP and updated the correlation logic as below
(concat(SUBSTRING(users.email,1,LOCATE("@",users.email)-1),"@signify.com") = accounts.name) OR (users.customproperty34 = accounts.accountid)
Even then we are getting account threshold value breaching error. I have raised one Saviynt incident as well for this [#2045923] SNOW duplicate account getting created with same sys_id : Saviynt Inc from where I got to know that it's a known issue and once correlation logic is created, the updates on top of the same logic won't work.
Below are some of my queries/doubts/concerns
Thanks & Regards,
Ramesh
09/24/2024 03:22 AM
@rameshm is the UPN also updated for existing active account?
Workarounds
1)import accounts which doesn't contain empid at the end which will automatically suspended the accounts which got offboarded as they won't be fetched from target
2)while importing the name attribute apply logic to only import value _empid
It will try to create new account because existing account name isn't have _empid at the end.