JacobBice (Customer) asked a question.
Can we use multiple attributes to map accounts to identities with pre or post processing in the account collectors
We want to be able to map service accounts to multiple users. Currently we are using the manager attribute set on the AD service account, to map to the identity in RSA associated with the account on that object, but that only allows a single mapping. We have another attribute we are collecting that has comma separated employee ID's for users who are responsible for the account, is there a way to parse that collected string into individual employee ID's and use those as mapping attributes for the account?
technically, this might be doable.
This is how I configured my pre processor.
INSERT INTO T_DC_SOURCEDATA_ACCOUNT_MAP
(account_name, user_name, dc_id, run_id, SRCID)
SELECT account_name,
'10207',
dc_id,
run_id,
SRCID || '2'
FROM T_DC_SOURCEDATA_ACCOUNT_MAP
WHERE account_name = 'Boris.lek11@11111.onmicrosoft.com'
and DC_ID=v_dc_id
and run_id = v_run_id;
This worked with the hardcoded values.
Here you can see that the account has 2 mapping:
In my example I just added '2' as a postfix.
This approach is not a recommendation as it wasn't tested thoroughly.
I suggest reaching out to RSA PS and validate this solution or discuss alternatives.