Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Technical Rules / User Update Rules Issue

rambhan
New Contributor II
New Contributor II

‎11/29/2023 04:55 AM

Hi Team,

We are experiencing an issue while trying to provision access to an account in the Active Directory connector. While using technical rules or user update rules, we are able to work on user objects and target specific users, but we don't have an option in both rules to target specific accounts. If a user has two accounts, one for admin and one for normal, we should be able to target the normal account to provision access without touching the admin account. Is that possible in Saviynt? If yes, can anyone provide me with any documentation available?

Labels:
0 Kudos
7 REPLIES 7

Manu269
All-Star
All-Star

‎11/29/2023 05:12 AM

@rambhan You can specify what primay account type is in endpoint.

A user can have multiple types of accounts within an endpoint, such as - User Account, Service Account, Privileged Account. Here, a primary account can be selected amongst these multiple accounts, for which the relevant tasks can be created.

Hence, if a user has two accounts a and b and if you want the entitlement to be assigned to only account a and NOT account b then you need to provide the accountType value of account a from the Database, which will assign entitlements only to account a of user and NOT to account b.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

SumathiSomala
All-Star
All-Star

‎11/29/2023 05:13 AM - edited ‎11/29/2023 05:18 AM

@rambhan Yes,The Primary Account Type parameter available in the Endpoint show page can be used for controlling add access tasks triggered from the Technical Rule.

SumathiSomala_0-1701263894179.png

 

Refer Controlling Add Access Tasks for Primary Account Type in an Endpoint section in below doc

Uploading Technical Rules (saviyntcloud.com)

 

If this reply answered your question, please accept it as a solution and kudos.

 

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

rambhan
New Contributor II
New Contributor II

‎11/29/2023 06:47 AM

Hi @SumathiSomala / @Manu269  Thanks for prompt response.

With the help of the primary account type, I was able to provide access to the specific account that I was looking for, but after provisioning, there is an issue where the entitlement heirarchy for the specific account that I chose for provision is showing for two entitlements when I only targeted one(PSN-SavPOC-Test9).

rambhan_0-1701269159755.png

Should I make any changes for this to populate only for the one that I targeted?

0 Kudos

SumathiSomala
All-Star
All-Star
In response to rambhan

‎11/29/2023 07:06 AM

@rambhan Happening for other accounts aswell?

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.
0 Kudos

rambhan
New Contributor II
New Contributor II

‎11/29/2023 07:07 AM

Yes it was happened to the other admin account too before I ask the question here about primaryaccounttype.

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to rambhan

‎11/29/2023 07:23 PM

what was old behaviour before primary account type config


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos

rambhan
New Contributor II
New Contributor II
In response to rushikeshvartak

‎11/30/2023 04:12 AM - edited ‎12/01/2023 05:04 AM

Hi @rushikeshvartak @SumathiSomala , before updating the primary account type, Saviynt picked up the admin account to provision, and the entitlements are provisioned in the same way.

0 Kudos
Copyright © 2024 Khoros, LLC