and more in a single search tool across platforms. Read the announcement here. |
04/06/2023 06:06 PM
A Linux administrator has a local account containing their primary account name across all Linux systems and they login to Saviynt UI using the same primary ID (AD user id). As a result, when they request a JIT session, Saviynt attempts to provision a user on target Linux with the primary ID of the user, but it fails because the account already exists.
Would it be possible to customize the account provisioning command by adding a prefix or suffix to the username ? The following command has not worked for me.
sudo useradd -u '${username}' -m -s /bin/bash 'adm_${username}' -p '${password}' -c '${user?.lastname}.${user?.firstname}/${user?.email}' -g users
Solved! Go to Solution.
04/07/2023 02:54 PM
@suresh_ravuri Thanks for posting your question here. At this moment, it is not possible to customize the JIT account names. Manipulating the provisioning command will only reflect on target which will then cause misalignment with the name stored on saviynt side. The suggestion is to modify the existing account names on the target so that JIT use case will work in Saviynt.
Thanks
Nagesh K
10/07/2023 09:24 PM
@NageshK is this supported in v23.8 ? If so, how can I configure a custom JIT account name ?