Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

ADD Task not getting generated for emergency access role request

Pooja
New Contributor II
New Contributor II

Hi,

We have configured emergency access role with azureAd directory role entitlement and when we are requesting the add access task is not getting generated and we see below in logs

Pooja_0-1694605506126.png

 

3 REPLIES 3

NageshK
Saviynt Employee
Saviynt Employee

@Pooja As per the process, all issues should be reported as support tickets.  Have you already opened one?

Thanks

Nagesh K

Pooja
New Contributor II
New Contributor II

@NageshK  yes, now the task is getting generated, but the problem is two tasks one for New account and another for Add access.  We already corelated the account with the userID , but Saviynt login ID is lets say 142225 and the Account name under the AzureAD endpoint is FFID-142225@domainname.com.   

So here while requesting the role saviynt is picking the login user name and trying to create a New account. How we can fix this while requesting the role it needs to add access to the correct account.

Please advice

 

Pooja_0-1695465190223.png

 

Pooja
New Contributor II
New Contributor II

Hi,

It appears that this problem is related to the account name rule in the endpoint. Our account name is FFID-142225@domain.name.com Without the account name rule, when we make a request, it creates two tasks: one for creating the account and another for adding the account. In task account name becomes FFID142225domainnamecom as special characters are recognized. To test this, we added a special character '-@' in the endpoint rule, and it created two tasks with the account name in the task being FFID-142225@domainnamecom. Then, in the rule, we added '-@'. After this change, it no longer creates any tasks for adding access or creating an account. Please help us fix this issue.