Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Unique Email ID generator including exchange online addresses

Alex
Regular Contributor
Regular Contributor

Hi,
we need to create unique email addresses for every new user and to adapt the mail address after a change of name.

We have implemented that in the past with an advanced query and the import of the exchange online only addresses to Saviynt accounts. Within that query we are checking if the prefix of the mail is already used in either the email column or in the customproperty on the accounts within the dedicated endpoint. 
This query no longer alloweds sub-select or join in a query, which makes the query not usable anymore.

Therefore we are thinking about workaround and were looking at the following blogpost:
https://forums.saviynt.com/t5/general-discussions/unique-email-id-generator/m-p/2095
and the following comment:
Email address generation rule looks at DATA column in USER_ATTRIBUTES table for uniqueness besides EMAIL column in USERS table. You can load all the proxy addresses in USER_ATTRIBUTES in DATA column. You would need to work with Saviynt support for loading data into USER_ATTRIBUTES table.

After opening a FD ticket, the support told me, that they don't have backend access anymore and therefore unable to support in this case.
Is there now some proposed best practice from saviynt to fulfill the following requirement:
Create unique mails for all users considering also exchange online only objects (forwarding addresses, distribution lists, etc.)

Quick support would be appreciated as this has an prod impact. Thank you!

9 REPLIES 9

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @Alex 

You can update the user_attributes table by Configuring User import job. So, for the Exchange/Ad you need to create user import and map as below

[CUSTOMPROPERTY30::employeeID#String,

LOCATIONDESC::ssoId#String,

CUSTOMPROPERTY42::sAMAccountName#String,

USERATTRIBUTE_EMAIL:proxyAddresses#String]

 

Userattribute_email is directly exposed in this table , so you can update it accordingly.

 

And if you want to edit the values coming from proxyAddress you can use modify user data json and do the changes.#

Sample json:

{ "ADDITIONALTABLES": { "USERS": "SELECT USERKEY,firstname,lastname FROM USERS", "USER_ATTRIBUTES": "SELECT USERKEY, DATA, ATTRIBUTENAME FROM USER_ATTRIBUTES" }, "COMPUTEDCOLUMNS": [ "customproperty2", "customproperty3" ], "PREPROCESSQUERIES": [ "UPDATE NEWUSERDATA, CURRENTUSERS cu SET CUSTOMPROPERTY2 = (select CONCAT(lastname, ', ', firstname) from CURRENTUSERS where userkey=1)", "UPDATE NEWUSERDATA SET CUSTOMPROPERTY3 = (select count(USERKEY) from currentusers)", "UPDATE NEWUSERDATA SET USERATTRIBUTE_EMAIL='email1,email2,email3' where USERATTRIBUTE_EMAIL like 'validation%'" ] }

 

Thanks

Darshan

Alex
Regular Contributor
Regular Contributor

Hi @Darshanjain ,

first of all thanks for the detailed explanation. 
Based on that, it looks like this would be an option if we are talking about a exchange hybrid setup with on prem servers and the AD schema extension. Which is different to my initial request.

We have a pure exchange online setup, therefore none of the smtp addresses is available in the on prem environment. The only system, that is aware of forwarding addresses, distribution list and in general all exchange online objects is exchange online.
Is there also a solution for this setup?

Thanks,
Alex

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @Alex 

is there an import connection already set for the exchange right to bring the email address stored in accounts cp, if yes you can create user import job and map as well for the same and bring those attributes in userattribute_email.

 

Thanks

Darshan

Alex
Regular Contributor
Regular Contributor

Hi @Darshanjain,

yes we have an currently active connection to exchange to import only mail addresses. That information can currently be stored in accounts repo. 

So a SAV4SAV User import? 
Just to be aligned, we don't want to create additional users just for those "shadow" mails, also we don't want to add those on active users. 
So is your proposal only storing the value in the table in the backend?

Thanks
Alex

Darshanjain
Saviynt Employee
Saviynt Employee

Yes that would do a SAV4SAV import.

Even in the userupdate history the value userattribute_email will be shown if there are any value changes

 

Thanks

Darshan

Alex
Regular Contributor
Regular Contributor

@Darshanjain 
Can you provide me the name of the table and the column name, where the values should be stored. Still uncertain for me, if this is a solution based on the requirements.

Thanks!

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @Alex 

As per the above mapping, Userattribute_email will contain proxy address say ex:

Alex@test.com,Alex1@test.com,Alex2@test.com . these values will split by comma and entered in user_attributes table in the user import job itself and when ever the email is being generated it will check for these values as well.

I have already provided you the mapping in the first reply with inline processing as well if needed.

 

Thanks

Darshan

Alex
Regular Contributor
Regular Contributor

Hi @Darshanjain,
will try to check if the is also possible with a split setup with AD on prem and Exchange Online. 
Currently I don't have time to validate that, but will come back to the topic later.

I will mark you last comment as solution and will therefore refer in the future to the KB article if there are further questions.

Thanks!