Saviynt Forums

Diptansu11 · ‎11/21/2023

We had a requirement to move user into leavers OU on disablement of AD account we have done the logic using DISABLEACCOUNTJSON logic. but now we want if user is already disabled state while AD account import then it should move to leavers OU directly. Please suggest how to do that.

SumathiSomala · ‎11/21/2023

@Diptansu11 Update any users custompropertyXX

and create one user update rule -if user's custompropertyXX is updated then perform update account task for AD.

Use moveUsertoOU mapping in your AD update account JSON

Sample:

"moveUsertoOU": "${if(user.customproperty7.equals('Yes')&& user.statuskey ==1){'OU=XX,OU=XX Users,DC=XX,DC=LOCAL'}else if(if(user.customproperty8.equals('Disabled')&user.statuskey ==0){'OU=On disabled Accounts,OU=XX Users,DC=XX,DC=LOCAL'}else{'OU=Saviynt_Test,OU=Test Users,OU=XX Users,DC=XX,DC=LOCAL'}}"

Enable/check below config in global configuration

Regards,
Sumathi Somala
If this reply answered your question, please Accept As Solution and give Kudos.

Diptansu11 · ‎11/21/2023

Thanks just that here we need to check if ADaccount status for that user is already DISABLED then move to leavers OU while importing itself. Any suggestion to do this?

Saviynt Forums

Users should move to some OU if already disabled