Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Stop account creation based on condition in Technical rule

navneetv
Regular Contributor II
Regular Contributor II

‎08/23/2023 09:15 PM

Hi Team,

if anyone can help or advise here. we want to configure the logic in technical rules for account creation based on the start date.  

Here is a use case. We create an account before an employee joins and somehow employee doesn't join the company, We disable the accounts whose workday profile is rescinded.

To prevent this we want to create the account only when the user joins the organization. could there be a way to see, whether the user is reconciled from the workday to Saviynt after the start date or not? If the workday profile is rescinded.

 

Here is the technical rule 

(a.employeeType IN ('Employee','Intern') OR ( a.employeeType ='Contractor' )) AND a.email is not null AND a.email NOT IN xyz@com and a.id in (select distinct us.userkey from User_accounts us, Accounts ac where us.accountkey = ac.id and ac.endpointkey = 2 and (ac.status = '1' or ac.status = 'Active' or ac.status = 'Manually Provisioned')) and a.id not in (select distinct us.userkey from User_accounts us, Accounts ac where us.accountkey = ac.id and ac.endpointkey = 11) and a.customproperty31 not in ('Hire_Employee_Hire_Employee_Rehire','Hire_Employee_Hire_Employee_Conversion') and a.createdate > '2023-05-23'

0 Kudos
5 REPLIES 5

Hemanath
Saviynt Employee
Saviynt Employee

‎08/24/2023 01:33 AM

Hi @navneetv ,

Can you try this in another way with Actionable analytics

1. Create actionable analytics to disable the account in target system if start date is greater than current date

2. Create actionable analytics to enable the account in target system if start date equals current date

by this way you can meet your use case

 

Thanks,

Hemanath J

0 Kudos

navneetv
Regular Contributor II
Regular Contributor II

‎08/24/2023 01:57 AM

Hi @Hemanath  is there any way to get the HR feed details? So if the user reconciles today and not reconcile tomorrow then from where I can get the details, how I can populate the date to CP, based on HR feed details 

0 Kudos

Hemanath
Saviynt Employee
Saviynt Employee

‎08/24/2023 02:39 AM

Hi @navneetv ,

can you please elaborate bit more on what you are trying to achieve.

Thanks,

Hemanath J

0 Kudos

navneetv
Regular Contributor II
Regular Contributor II

‎08/24/2023 04:02 AM

we want to add some logic or date logic in our rule that, if the start date is less than the individual user import date.  So if the user doesn't join on his joining date then the Workday profile is rescinded and I am assuming Saviynt doesn't reconcile from Workday.

Example:

XYZ user whose start date is 25th Aug and on 24 HR got to know this person will not join the company. in that case, HR rescinded the user profile, so the last import date could be the 24th and the start date is the 25. Then The account should not be created. Account should be created when the import date is greater than the start date. which means when on the 26th users come from import then a New account task should be generated for Account creation.

Like User not in feed Analytics report 

SELECT u.USERNAME as 'Username', u.STATUSKEY as 'User Status', a.name as 'Account Name', e.endpointname as 'Application', ev.entitlement_value as 'Entitlement', u.customproperty16 as 'End Employment Reason Reference', u.customproperty31 as 'Hire Reason Reference', u.userkey as 'userKey', a.accountkey as 'acctKey', ae1.entitlement_valuekey as 'entvaluekey', 'Deprovision Access' as Default_Action_For_Analytics FROM users u, accounts a, user_accounts ua, account_entitlements1 ae1, entitlement_values ev, endpoints e WHERE u.userkey=ua.userkey and ua.accountkey=a.accountkey and a.accountkey=ae1.accountkey and ae1.entitlement_valuekey=ev.entitlement_valuekey and e.endpointkey=a.endpointkey and a.status=1 and e.status=1 and u.usersource=7 and (u.job_id < (SELECT ecmimp.jobid FROM ecmimportjob ecmimp WHERE jobname = 'UserImportJob' and triggername='Workday_User_Full_Import' ORDER BY ecmimp.jobstartdate DESC LIMIT 1))
union
SELECT u.USERNAME as 'Username', u.STATUSKEY as 'User Status', a.name as 'Account Name', e.endpointname as 'Application', 'Base Account' as 'Entitlement', u.customproperty16 as 'End Employment Reason Reference', u.customproperty31 as 'Hire Reason Reference', u.userkey as 'userKey', a.accountkey as 'acctKey', '' as 'entvaluekey', 'Disable Account' AS Default_Action_For_Analytics FROM users u, accounts a, user_accounts ua, endpoints e WHERE u.userkey=ua.userkey and ua.accountkey=a.accountkey and a.endpointkey=e.endpointkey and a.status=1 and e.status=1 and u.usersource=7 and (u.job_id < (SELECT ecmimp.jobid FROM ecmimportjob ecmimp WHERE jobname = 'UserImportJob' and triggername='Workday_User_Full_Import' ORDER BY ecmimp.jobstartdate DESC LIMIT 1))

 

0 Kudos

navneetv
Regular Contributor II
Regular Contributor II

‎08/25/2023 05:31 AM

Hi @Hemanath  could you please suggest? how we can prevent account creation. Account must be created after start date pass

0 Kudos
Copyright © 2024 Khoros, LLC