Saviynt Forums

adityachadde · ‎07/22/2023

Hello,

We are trying to reconcile the accounts and entitlements from the database the job is getting successful, but the accounts and entitlements are not getting reconciled. We are getting the below warning in the Logs after running the jobs.

Accounts:

{log":"2023-07-23 04:14:00	777 [http-nio-8080-exec-8] DEBUG domain.JobcontrolController - checking AccountsImportFullJob status\n"
{log":"23-Jul-2023 04:14:00.777 WARNING [http-nio-8080-exec-8] groovy.sql.Sql.asSql In Groovy SQL please do not use quotes around dynamic expressions (which start with $) as this means we cannot use a JDBC PreparedStatement and so is a security hole. Groovy has worked around your mistake but the security hole is still there. The expression so far is: SELECT count(*) as count FROM qrtz_fired_triggers where JOB_NAME='?'\n"	stream:"stderr"
{log":"2023-07-23 04:14:00	777 [http-nio-8080-exec-8] DEBUG domain.JobcontrolController - AccountsImportFullJob is not running\n"
{log":"2023-07-23 04:14:00

Entitlements:

{log":"2023-07-23 04:13:21	580 [http-nio-8080-exec-13] DEBUG domain.JobcontrolController - checking EntitlementValueImportJob status\n"
{log":"23-Jul-2023 04:13:21.580 WARNING [http-nio-8080-exec-13] groovy.sql.Sql.asSql In Groovy SQL please do not use quotes around dynamic expressions (which start with $) as this means we cannot use a JDBC PreparedStatement and so is a security hole. Groovy has worked around your mistake but the security hole is still there. The expression so far is: SELECT count(*) as count FROM qrtz_fired_triggers where JOB_NAME='?'\n"	stream:"stderr"
{log":"2023-07-23 04:13:21	580 [http-nio-8080-exec-13] DEBUG domain.JobcontrolController - EntitlementValueImportJob is not running\n"
{log":"2023-07-23 04:13:21	581 [http-nio-8080-exec-13] DEBUG domain.JobcontrolController - showTrailButtons: false\n"

What Should we do to resolve this issue?

Best Regards,

Aditya Chadde

pmahalle · ‎07/22/2023

Hi @adityachadde ,

Can you share account and entitlement import xml and type of jobs you are using

Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

dgandhi · ‎07/23/2023

Can you share more details about the same?

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

adityachadde · ‎07/23/2023

Hi,

We are using below Accounts Import XML file content:

Entitlement Value Import XML file content:

Below Jobs:

Best Regards,

Aditya Chadde

naveenss · ‎07/23/2023

Hi @adityachadde

I see you're using the below queries for account and access import respectively. Can you please confirm? Also in the select statement can you please explicitly mention the column names and retry the import jobs again?

account import: select ? from tablename u, tablename g where u.R_OBJECT_ID=g.R_OBJECT_ID

entitlement import: SELECT ? from tablename

change it to "Select <column_name1>,<column_name2> from tablename.

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

rushikeshvartak · ‎07/23/2023

Specify actual column names in query

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

pmahalle · ‎07/23/2023

Hi @adityachadde ,

Make sure to select proper column from target table instead of ?. Also, use the same selected column name as sourceproperty under mapper.

You can refer attached account and entitlement import xml for reference.

Pandharinath Mahalle(Paddy)
If this reply answered your question, please Accept As Solution to help other who may have a same problem. Give Kudos 🙂

dgandhi · ‎07/24/2023

This seems to be mapping issue.

Please use below sample:

Account Import:

<dataMapping>
    <sql-query description="This is the Source DB Query" uniquecolumnsascommaseparated="name" >
        <![CDATA[select accountname,securitysystem,endpoint,entitlementtype,entitlementvalue,status from accounts]]>
    </sql-query>
    <mapper description="This is the mapping field for Saviynt Field name" accountnotinfileaction="Suspend" deleteaccountentitlement="true" ifusernotexists="noaction">
        <mapfield saviyntproperty="accounts.name" sourceproperty="accountName" type="character"/>
        <mapfield saviyntproperty="securitysystems.systemname" sourceproperty="securitysystem" type="character"/>
        <mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpoint" type="character"/>
        <mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="entitlementtype" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entitlementvalue" sourceproperty="entitlementvalue" type="character"/>
        <mapfield saviyntproperty="accounts.status" sourceproperty="status" type="character"/>
    </mapper>
</dataMapping>

https://docs.saviyntcloud.com/bundle/Database-v23x/page/Content/Configuring-the-Integration-for-Impo...

Entitlement Import:

https://docs.saviyntcloud.com/bundle/SAP-HANA-v23x/page/Content/Using-the-DB-Connector-for-Performin...

<dataMapping>
    <sql-query description="This is the Source Database Query">
        <![CDATA[select applicationname,endpointname,entitlementtype,entitlementvalue,entID,glossary,dataowner1,dataowner2,dataowner3,soxcritical,syscritical,status,description from db_import_ent]]>
    </sql-query>
    <mapper description="This is the mapping field for Saviynt Field name" deleteentitlementowner="true" entnotpresentaction="noaction" createentitlementtype="true" systems="SecSystemName">
        <mapfield saviyntproperty="securitysystems.systemname" sourceproperty="applicationname" type="character"/>
        <mapfield saviyntproperty="endpoints.endpointname" sourceproperty="endpointname" type="character"/>
        <mapfield saviyntproperty="entitlementtypes.entitlementname" sourceproperty="entitlementtype" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entitlement_value" sourceproperty="entitlementvalue" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entitlementID" sourceproperty="entID" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entitlement_glossary" sourceproperty="glossary" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.description" sourceproperty="description" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entowner1" sourceproperty="dataowner1" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entowner2" sourceproperty="dataowner2" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.entowner3" sourceproperty="dataowner3" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.sox_critical" sourceproperty="soxcritical" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.sys_critical" sourceproperty="syscritical" type="character"/>
        <mapfield saviyntproperty="entitlementvalues.status" sourceproperty="status" type="number"/>
    </mapper>
</dataMapping>

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

rushikeshvartak · ‎07/23/2023

Make sure entitlement type is correct.
There is no junk spaces in mapper.
systems is missing in mapper ( security system’s name)
validate xml online https://www.xmlvalidation.com/index.php?id=1&L=0&target=/xmlvalidationorig/start.jsp;jsessionid=5F9B...

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

adityachadde · ‎07/26/2023

Thank you @rushikeshvartak for the Suggestions!

EntitlementType was wrong in the entitlement Import JSON and in account import the query is not returning any records and both the issues are resolved now.

Best Regards,

Aditya Chadde

Saviynt Forums

Unable to reconcile the accounts and entitlements from target DB