Click HERE to see how Saviynt Intelligence is transforming the industry. |
09/13/2023 04:45 AM
Hi,
We have configured emergency access role with azureAd directory role entitlement and when we are requesting the add access task is not getting generated and we see below in logs
09/20/2023 07:10 AM - edited 09/20/2023 07:10 AM
@Pooja As per the process, all issues should be reported as support tickets. Have you already opened one?
Thanks
Nagesh K
09/23/2023 03:36 AM
@NageshK yes, now the task is getting generated, but the problem is two tasks one for New account and another for Add access. We already corelated the account with the userID , but Saviynt login ID is lets say 142225 and the Account name under the AzureAD endpoint is FFID-142225@domainname.com.
So here while requesting the role saviynt is picking the login user name and trying to create a New account. How we can fix this while requesting the role it needs to add access to the correct account.
Please advice
09/28/2023 11:51 PM
Hi,
It appears that this problem is related to the account name rule in the endpoint. Our account name is FFID-142225@domain.name.com Without the account name rule, when we make a request, it creates two tasks: one for creating the account and another for adding the account. In task account name becomes FFID142225domainnamecom as special characters are recognized. To test this, we added a special character '-@' in the endpoint rule, and it created two tasks with the account name in the task being FFID-142225@domainnamecom. Then, in the rule, we added '-@'. After this change, it no longer creates any tasks for adding access or creating an account. Please help us fix this issue.