We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Custom Account Name for JIT Account provisioining

New Contributor III
New Contributor III

A Linux administrator has a local account containing their primary account name across all Linux systems and they login to Saviynt UI using the same primary ID (AD user id). As a result, when they request a JIT session, Saviynt attempts to provision a user on target Linux with the primary ID of the user, but it fails because the account already exists.

Would it be possible to customize the account provisioning command by adding a prefix or suffix to the username ? The following command has not worked for me.

sudo useradd -u '${username}' -m -s /bin/bash 'adm_${username}' -p '${password}' -c '${user?.lastname}.${user?.firstname}/${user?.email}' -g users


Saviynt Employee
Saviynt Employee

@suresh_ravuri Thanks for posting your question here. At this moment, it is not possible to customize the JIT account names. Manipulating the provisioning command will only reflect on target which will then cause misalignment with the name stored on saviynt side. The suggestion is to modify the existing account names on the target so that JIT use case will work in Saviynt.


Nagesh K

@NageshK  is this supported in v23.8 ? If so, how can I configure a custom JIT account name ?