Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon
No ratings
Nilovana
Saviynt Employee
Saviynt Employee

Use Case

Instead of using Detective job (which may cause performance issue based on the data) we can  perform the deprovisioning using user update rules.

Version

2020 and Above

Solution:

  1. Get the time zone and end date from target and store in user attribute
  2. Create a runtime analytics report which has the condition according to the requirement and will give all users who are supposed to be disabled
  3. The output of the report should be username and status (or a custom property)
  4. call this report using our api - fetchruntimecontroldataNilovana_1-1687164682299.png
  5. Use that in the Saviynt 4 Saviynt user import and write the user update rules to deprovision accounts in status change.
  6. Example of the run time analytics
    select username, enddate, CAST(convert_tz (CURRENT_TIMESTAMP(),'+00:00','+05:30') AS TIME)  from users where DATE(convert_tz (enddate,'+00:00','+05:30'))  = DATE (convert_tz (CURRENT_TIMESTAMP(),'+00:00','+05:30')) and enddate is not null and CAST(convert_tz (CURRENT_TIMESTAMP(),'+00:00','+05:30') AS TIME) > '23:59'

Note:

  • ‘+5:30’ will be dynamic based on time zone.
  • Create the analytics in V2 version only.
Version history
Last update:
‎06/26/2023 10:10 AM
Updated by:
Contributors