Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Management of Normal and Admin Ids

Go to solution
Megha
New Contributor
New Contributor

‎07/21/2022 02:50 AM

Hi All,

We want to create multiple accounts for user on same provisioning system. The user will be have the account name like below:

Username:- Test User

Accountname1:-Test.u

Accountname2:-Test.u.admin

Please suggest on how to provision the above to the same AD connection using different security system,connection.

We have raised the ticket 143910 in freshdesk.

Unable to get much assistance. For replicating the issue, please refer the above ticket.

Regards,

Megha Urs B R

 

0 Kudos
2 REPLIES 2

Go to solution
Megha
New Contributor
New Contributor

‎07/25/2022 07:26 AM

Hi All,

 

Any suggestions in this regards will be helpful.

Regards,

Megha Urs B R

0 Kudos

Go to solution
avinashchhetri
Saviynt Employee
Saviynt Employee
In response to Megha

‎07/28/2022 09:52 AM - edited ‎07/28/2022 09:57 AM

Hello @Megha,

From what I understand, you have one Active Directory but using two Security Systems/Endpoints and two connections. In essence, these are two separate entities in Saviynt.

If provisioning from the first connection / security system is working as expected, there should not be any issue with the second one as well, since the target is the same. All you have to do is update the JSON's to ensure the admin/elevated accounts are created as per the required attributes.

The account name is different as you have stated, that can be configured in the endpoint account rules or even the create account connector itself (samAccountName), since it just required an admin constant appended to the accountname combination, assuming users cannot have more than 1 admin/elevated account.

However, using two security systems and endpoints in Saviynt for the same target Active Directory might lead to duplicate groups to show up in Saviynt, (essentially the same group but in two endpoints) . The accounts could also be duplicated across endpoints if you do not use filters at the time of reconciliation.

 

 

Regards,
Avinash Chhetri
0 Kudos
Copyright © 2024 Khoros, LLC