Saviynt Forums

suresh_ravuri · ‎10/08/2023

We have run the Windows bootstrap for on-premises Windows systems, It detected all the local accounts and imported them into the Windows endpoint in Saviynt, however, when we renamed the target account and ran the Windows bootstrap, the new account name did not update.

Is this a know bug or any configuration changes are required in target connection ?

Saathvik · ‎10/09/2023

@suresh_ravuri: Can you share the ReconcileJSON?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

suresh_ravuri · ‎10/09/2023

{
"ACCOUNT": [
{
"property": "NAME",
"value": "${User}",
"Datatype": "String"
},
{
"property": "DESCRIPTION",
"value": "${Description}",
"Datatype": "String"
},
{
"property": "DISPLAYNAME",
"value": "${FullName}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY22",
"value": "${Enabled}",
"Datatype": "Boolean"
},
{
"property": "ACCOUNTID",
"value": "${SID}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY1",
"value": "${User}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY2",
"value": "${AccountExpires}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY3",
"value": "${PrincipalSource}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY4",
"value": "${ObjectClass}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY5",
"value": "${SID}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY6",
"value": "${PasswordChangeableDate}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY7",
"value": "${PasswordExpires}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY8",
"value": "${UserMayChangePassword}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY9",
"value": "${PasswordRequired}",
"Datatype": "String"
},
{
"property": "RECONCILIATION_FIELD",
"value": "ACCOUNTID",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY11",
"value": "${PSComputerName}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY12",
"value": "${PSShowComputerName}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY13",
"value": "${UserComment}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY14",
"value": "${CountryCode}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY15",
"value": "${WorkstationAllowed}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY16",
"value": "${LogonScript}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY17",
"value": "${UserProfile}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY18",
"value": "${HomeDirectory}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY19",
"value": "${LogonHoursAllowed}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY20",
"value": "${LocalGroupMemberships}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY21",
"value": "${GlobalGroupMemberships}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY30",
"value": "${Enabled}",
"Datatype": "String"
},
{
"property": "TARGETLASTPASSWORDCHANGE",
"value": "${PasswordLastSet}",
"Datatype": "Date"
},
{
"property": "ACCOUNTTYPE",
"value": "${AccountType}",
"Datatype": "String"
}
],
"ACCOUNT_ATTRIBUTES": [
{
"property": "GROUPID",
"value": "${Group}",
"Datatype": "String"
},
{
"property": "USERFLAGS",
"value": "${UserFlags}",
"Datatype": "Integer"
},
{
"property": "COMPUTERNAME",
"value": "${PSComputerName}",
"Datatype": "String"
},
{
"property": "PRINCIPALSOURCE",
"value": "${PrincipalSource}",
"Datatype": "String"
}
],
"ENTITLEMENT": [
{
"property": "TYPE",
"value": "Group",
"Datatype": "String"
},
{
"property": "ENTITLEMENT_VALUE",
"value": "${Group}",
"Datatype": "String"
},
{
"property": "ENTITLEMENTID",
"value": "${Group}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY1",
"value": "${SID}",
"Datatype": "binary"
},
{
"property": "CUSTOMPROPERTY2",
"value": "${PrincipalSource}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY3",
"value": "${ObjectClass}",
"Datatype": "String"
},
{
"property": "Description",
"value": "${Description}",
"Datatype": "String"
},
{
"property": "CUSTOMPROPERTY4",
"value": "${GroupName}",
"Datatype": "String"
},
{
"property": "ENTITLEMENTMAPPINGJSON",
"value": "${ChildEntitlements}",
"Datatype": "String"
}
]
}

suresh_ravuri · ‎10/09/2023

@Saathvik any changes required to ReconcileJSON ?

Saathvik · ‎10/09/2023

@suresh_ravuri No I see it looks okay. So if understand correctly account import is successful even after account name changes but only thing is you don't see new account name reflecting instead it still shows old name?

Also by any chance do you see any new entry with new account name?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

suresh_ravuri · ‎10/09/2023

Yes, account name is not reflecting in the endpoint and there is no new entry for the account.

NageshK · ‎10/13/2023

@suresh_ravuri @Saathvik This seems to be a limitation and it got introduced in 23.10. Please see the key highlights in the release notes. Link is in the right widget ("Recent Documentation updates") of the Forums -> PAM home page.

Thanks

Nagesh K

Saathvik · ‎10/13/2023

@NageshK : Thanks Nagesh for pointing this out. But I don't see respective document is talking about this new feature and any changes required in JSON or configurations. I have provided the feedback to documentation team on the same.

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Saviynt Forums

Windows (Onprem) local account import is not working when the target account has been renamed