Service Account Metadata SQL

 SELECT DISTINCT 

    e.endpointname AS application,

    a.name AS 'Account Name',

    a.accounttype AS 'Account Type',


    CASE 

        WHEN ao.OWNERUSERKEY IS NOT NULL THEN 'user' 

        WHEN ao.OWNERUSERGROUPKEY IS NOT NULL THEN 'usergroup' 

        ELSE 'Blank' 

    END AS 'Owner Type',


    COALESCE(CAST(ao.RANK AS CHAR), 'Blank') AS 'Owner Rank',


    COALESCE(uo.username, ug.USER_GROUPNAME, 'Blank') AS 'Owner user',


    COALESCE(CONCAT(uo.firstname, ' ', uo.lastname), ug.USER_GROUPNAME, 'Blank') AS 'Owner Name',


    COALESCE(uo.email, ug.USER_GROUPNAME, 'Blank') AS 'Owner Email',


    CASE 

        WHEN ao.OWNERUSERKEY IS NOT NULL THEN 

            CASE 

                WHEN uo.statuskey = 1 THEN 'Active' 

                WHEN uo.statuskey = 0 THEN 'Inactive' 

                ELSE CAST(uo.statuskey AS CHAR)

            END

        ELSE 'Blank'

    END AS 'Owner Status',


    ao.UPDATEDATE AS updatedon,


    CASE 

        WHEN a.status = 1 THEN 'Active' 

        WHEN a.status = 2 THEN 'Inactive' 

        ELSE CAST(a.status AS CHAR)

    END AS 'Account Status'


FROM accounts a

JOIN endpoints e ON a.endpointkey = e.endpointkey

LEFT JOIN accountowners ao ON ao.accountkey = a.accountkey

LEFT JOIN users uo ON ao.OWNERUSERKEY = uo.userkey

LEFT JOIN user_groups ug ON ao.OWNERUSERGROUPKEY = ug.USERGROUPKEY

WHERE a.status NOT IN ('Suspended From Import Service')

  AND e.endpointname = 'AD Service Accounts';


Comments

Post a Comment

Popular posts from this blog

Enhanced Query - To Update Account Status and Name

select accountkey as accounts__primarykey, 'SUSPENDED FROM IMPORT SERVICE' as accounts__status, CONCAT(name,'-Deleted on-', DATE_FORMAT(NOW(), '%Y-%m-%d %H:%i:%s'))as accounts__name from accounts where endpointkey=527 and name='CN=INRVCH,OU=User Accounts Vista,OU=User Accounts,OU=User Directory,DC=asia-pac,DC=xx,DC=com'  and status not in ('SUSPENDED FROM IMPORT SERVICE') limit 1;
Read more

Connection Config - STATUS_THRESHOLD_CONFIG

 {   "statusAndThresholdConfig": {    "inactivateAccountsNotInFile": true    "statusColumn":"userlock",    "activeStatus":["0","128","192"],     "accountThresholdValue": 500,     "deleteLinks": false,     "correlateInactiveAccounts": true,        } } ----------------------------------------------------------------------------- When account import run above STATUS_THRESHOLD_CONFIG is used to check. ----------------------------------- inactivateAccountsNotInFile  ==> True/false true ---> Account status 1/2 ( Active/Inactive) Day 1 --> 100 Accounts import Day 2 --> 90 Diff= 10  ( 90= Active , 10 Inactive)  ------------------------------------------------------------------------------ ----------------------------------- inactivateAccountsNotInFile  ==> True/false false ---> Account status 1/SFIS ( Active/SUSPENDED FROM IMPORT SERVICE.) Day 1 --> 100 Ac...
Read more

Email variables _ Register User

ServiceAccountOwnerMap ------- [:] entitlements ------- [] accessapprovers ------- com.saviynt.ecm.workflow.Access_Approvers : 812 jbpm_activity_name ------- Third Party Registration Approvers allApproversComments ------- null fullrowhtmltablerows ------- listofallrolesinrequest ------- [] approvedEntitlementsOwners ------- [] entitlementshtmltablerowsv2 ------- entitlementshtmltablerowsv3 ------- ServiceAccountType ------- requestlink ------- null/jbpmworkflowmanagement/showrequestdetails/TP Registration Approvals.553050?reqid=433 allRejectorsComments ------- null rolesApprovedOrRejected ------- [] rolename ------- request_access ------- com.saviynt.ecm.workflow.Request_Access : 456 users ------- XXXX allRejectors ------- [] requestid ------- 553050 rolemap ------- [:] baseUrlForEmail ------- https://dev.saviyntcloud.com/ECM assignee ------- XXXX activityname ------- Third Party Registration Approvers ServiceAccountFlag ------- false request ------- com.saviynt.ecm.workflow.ARS_Reques...
Read more