AnsweredAssumed Answered

Can we review accounts based on an attribute?

Question asked by Nicolas Massimillo on Nov 28, 2018
Latest reply on Nov 28, 2018 by Boris Lekumovich

We have multiple accounts per user that are differentiated by an attribute in AD:

      - Normal Accounts

      - Service Accounts

      - Elevated Accounts

 

Our mapping is done via employee ID. So if I want to find out which user owns an elevated account (EA), I look up the employee ID associated with the EA and look up the user based on that. We have Employee ID has the mapping in Aveksa, as well.

 

I would like to do a Group Review on ONLY Elevated Accounts. 

Currently the review user selection I have set up is:

But this shows my manager every user I own (normal, service accounts, EA) and all of the groups all of those accounts are on. I understand logically why it does this (because my accounts share the user ID that reports to my manager).

For the purpose of my review, I'd like to ONLY include account_type='EA', and disregard any sort of service account or normal accounts. I'd then like my manager to be able to review the groups my EA accounts are in.

 

Is this possible?

Outcomes