Click HERE to see how Saviynt Intelligence is transforming the industry. |
08/01/2023 04:12 AM
Hi,
Can anyone provide suggestions if we can add entitlement when we are trying to disable the same user account.
Thankyou in advance.
08/01/2023 08:00 AM
@Ntest ,
Any special use case you want to add access while disabling the account? Which connector you are using here?
08/01/2023 08:47 AM - edited 08/01/2023 08:47 AM
Hi, AD connector is used and I want to add access(entitlements) when leaver usecase is being performed on that AD( disabling the accounts)
Thankyou
08/01/2023 10:38 AM
Hi @Ntest ,
Can you try below steps and validate.
1. Create Technical rule to add required entitlement/access with appropriate condition .
2. In Update Rule which you are using to disable the AD account, add one more action along with Disable Account, Re-run Selected technical rule and select above (Step 1) created technical rule to re-run.
3. Set Task Execution Hierarchy in Global configuration. Make sure to put Add Access task before Disabled Account in the Hierarchy.
Let me know if any concern.
08/01/2023 08:07 PM
You can add using actionable analytics report
08/07/2023 05:01 AM
Hi Rushikesh, Is it possible for you to share more details about actionable analytics, about its configuration and all
08/07/2023 10:59 AM
Below is the document link for actionable analytics:
When Provision Access is configured as an allowed action, it allows you to assign the account to a particular access. When this action is performed on a record, an Add Access task is created in the target application.
The Analytics query must have the columns given below:
entvaluekey - Entitlement value key of the entitlement to which the account will be assigned.
acctKey - Accountkey of the account to provision with the entitlement.
accName - Name of the account to provision with the entitlement.
userKey - Userkey of the user to whom the account is mapped.
Sample query:
select ev.entitlement_valuekey as entvaluekey, a.accountkey as acctKey, a.name as accName,u.userKey from entitlement_values ev, entitlement_types et, accounts a, user_accounts uwhere ev.entitlementtypekey=et.entitlementtypekey and et.endpointkey=6 and a.accountkey in(select accountkey from accounts where endpointkey=6) and u.ACCOUNTKEY=a.ACCOUNTKEY;
This action can also be configured as a default action, i.e., it will be automatically performed when the Analytics control is executed. Note that this default action is applicable when the Analytics control is scheduled for execution from the Admin > Job Control Panel > Analytics jobs.
Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.
08/07/2023 05:00 AM
Hi Thankyou Pandharinath for sharing this approach, I tried this approach but this is not giving accepted results.