Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unix OOTB Connector - Shadow Files

Go to solution
vmudagal1
Regular Contributor
Regular Contributor

‎05/25/2023 09:57 PM

Hi Team, 

We are reconciling the Accounts and Entitlements of Unix using the Unix OOTB Connector. 

I see that in the Guide we would require to include the groups, passwd and shadow file to import the entitlements and accounts. 

I see the groups are being reconciled without any dependency on any other files but when trying to account to import accounts I see it needs Shadow and Passwd file to reconcile.

 

According to our client Security Policies the sharing of Shadow files is a breach of their security controls and also I see there is a mention that when an account is created manually and when reconciled the accounts would be inactive status when consulted with the Unix Team in client environment. 

The shadow file is only used for reading the account status, but for if the account is created manually the accounts reconciled would still have status inactive always based on the guide. 

Is there a way to do accounts reconciliation without the Shadow File?

Version: 5.5 sp3.11

Thanks, 

Vidya D Mudagal

Labels:
0 Kudos
6 REPLIES 6

Go to solution
SB
Saviynt Employee
Saviynt Employee

‎05/30/2023 03:21 PM

Let me check this and will update you.


Regards,
Sahil
0 Kudos

Go to solution
ravendano
New Contributor
New Contributor
In response to SB

‎06/05/2023 06:19 AM

hi, is there an update? It has been almost a week already.

0 Kudos

Go to solution
vmudagal1
Regular Contributor
Regular Contributor

‎05/30/2023 11:03 PM

Hi Sahil, 

Thank you! Please do keep us posted on your finding. 

Thank you, 

Vidya D Mudagal

0 Kudos

Go to solution
prashantChauhan
Saviynt Employee
Saviynt Employee

‎06/06/2023 12:53 AM

Hi @vmudagal1 

According to the current implementation of the Unix Connector, it is mandatory to provide the Shadow file path in the connection. Otherwise, the Accounts will not be imported and the Import Job will fail.

Please create an enhancement request in the Ideas Portal to get this behavior changed so that the Shadow file is not required for the execution of the IGA use cases like the Accounts Import.

Meanwhile, we are also checking on a workaround where we provide a dummy shadow file and get the accounts imported. We will keep you updated on that.

Thanks.

 

0 Kudos

Go to solution
vmudagal1
Regular Contributor
Regular Contributor

‎06/06/2023 05:21 AM

Hi @prashantChauhan 

Thank you for checking these details and providing a confirmation. 

Please do keep us posted on the workaround you mentioned. 

Thank you,

Vidya 

0 Kudos

Go to solution
prashantChauhan
Saviynt Employee
Saviynt Employee

‎06/08/2023 01:23 AM

Hi @vmudagal1 

The workaround that I mentioned did not work out.

Please create an Idea for this so that this can be handled.

Thanks.

0 Kudos
Copyright © 2024 Khoros, LLC