Saviynt Forums

Diwakar · ‎09/05/2023

Scenario: We got one scenario where user should get AD account provisioned before 21 days on his/her startdate.

For example if start date is 30-sep-2023 so user New AD account should trigger on 9-Sep-2023

Currently I have restricted this trigger by using this condition (datediff(a.startdate,now()) <= 21) in technical rule, but how to trigger this technical rule specifically on 9-sep-2023 considering no update we receive for the such users from source .

Can detective job helps? or is there any other way to do it?

Diwakar · ‎09/06/2023

Hi Everyone,

May I please request to provide an update here for my requirement.

Regards,

Diwakar.

naveenss · ‎09/06/2023

Hi @Diwakar use detective jobs to trigger the technical rules.

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

Diwakar · ‎09/07/2023

Hi Naveen,

We tried to achieve this by detection jobs where we mentioned the below condition job in technical rule. But still Create Account for the user has not triggered after running the detective rule job.

Technical rule condition--- (a.statuskey = 1 ) and (datediff(a.startdate, curdate())=21)

Below are the logs as well for your reference. Please advise further.

2023-09-07T21:51:11+05:30-ecm-2023-09-07T16:21:11.255973042Z stdout F 2023-09-07 16:21:11,255 [http-nio-8080-exec-19] DEBUG services.WorkflowService - whereQry - and 1=1 and upper(users.username) like 'c05******%' order by tasks.taskdate desc NULLS LAST

2023-09-07T21:51:11+05:30-ecm-2023-09-07T16:21:11.256082842Z stdout F WHERE tasks.id > 0 and tasks.status IN (1,2,6,7) and 1=1 and upper(users.username) like 'c05*****%' order by tasks.taskdate desc NULLS LAST

2023-09-07T21:51:11+05:30-ecm-2023-09-07T16:21:11.256085142Z stdout F 2023-09-07 16:21:11,255 [http-nio-8080-exec-19] DEBUG services.WorkflowService - taskQry - and 1=1 and upper(users.username) like 'c0*******' order by tasks.taskdate desc NULLS LAST

Regards,

Diwakar.

dgandhi · ‎09/07/2023

You can use combination of Sav to Sav/User update rule to meet this requirement.

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

Diwakar · ‎09/08/2023

Hi Devang,

Can you please elaborate on this step?and why Detective technical rule is not working in my case. Provided all required logs as well. Please help to identify the issue!

Regards,

Diwakar.

rushikeshvartak · ‎09/10/2023

Does preview shows expected user in list ?

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Diwakar · ‎09/10/2023

Yes Rushi, expected user in list are showing but not sure why its not triggering the tasks after running detective. Please help to check the issue as we wanted to go through this OOB detective feature so that we dont have to write a new rule or customization for this task as we are now live in Prod.

Thanks,

Diwakar.

Diwakar · ‎09/12/2023

Hi Rushi/Saviynt Expert,

Any further suggestion on this issue please?

Regards,

Diwakar.

Manu269 · ‎09/12/2023

Hi Diwakar,

You can try this via a workaround.

You can set up sav 4 sav connection, to update one of the user CP value.

Based on this this cp value, you can configure your user update rule to rerun selected technical rules.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

Diwakar · ‎09/13/2023

@Manu269 Can you please guide me on details about this workaround? Any links or reference would be of great help.

Regards,

Diwakar.

Diwakar · ‎09/17/2023

@Manu269 Can you please provide more details on this workaround, how to implement the same in Saviynt.

Thanks,

Diwakar.

Diwakar · ‎09/19/2023

@rushikeshvartak @Manu269 @Experts I am able to trigger the new AD tasks through Detective jobs but its only working when I am using the technical rule filter query(screenshot below). Is it the expected behavior for detective rule job to trigger the birth right provisioning tasks? I think it should trigger the task based on Execute rules selection only.

Regards,

Diwakar.

DixshantValecha · ‎10/08/2023

Hi @Diwakar,

Kindly direct your attention to the following forum post and accompanying documentation link for a more comprehensive understanding of birthright access:-

Implementing Birthright rules ( Technical rules ) - Saviynt Forums - 36329

https://docs.saviyntcloud.com/bundle/SSM-Admin-v55x/page/Content/Chapter05-Policies/Creating-Technic...

https://docs.saviyntcloud.com/bundle/SSM-Admin-v55x/page/Content/Chapter05-Policies/Uploading-Techni...

Saviynt Forums

Triggering birth right access for future start date