Search Active Directory Security Group by Managed By?

Hi! Is there any way to search for an Active Directory Security Group for an entitlement review by the Managed By field (managedBy)?

  • bringing that attribute in from our AD Source - confirmed.
  • tried searching w/my knowledge already, but big empty returned…
  • it is not an identity attribute

I have tried this: @accounts(source.managedBy:"Mark Morales")

Open for suggestions :)

Hi Margot. Are you looking to search for the AD group or for the accounts in that specific group?

AD Groups that the ManagedBy = “This User”

I don’t think that specific piece of information is searchable in the Entitlement Model: Searchable Fields - SailPoint Identity Services

The @accounts search string implies it will search for that at the account level.

You could try to use the bulk certification tool to achieve that use case, given that you can extract the managedBy references → https://community.sailpoint.com/t5/IdentityNow-Articles/Bulk-Certification-Tool/ta-p/77926

Note, we are adding entitlement level ownership that will alleviate this down the road, but no clear/committed timeline on that one.

Sorry for the late reply, did cross-check with PM :)

1 Like
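
For the "extract the managedBy references" step mentioned above, this added example (not code from the thread or from SailPoint) lists the AD security groups whose managedBy points at one user. It assumes the RSAT ActiveDirectory module; the function names and the CSV path are hypothetical, and the CSV columns are not the bulk certification tool's input format.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT) and read access to the domain.
Import-Module ActiveDirectory

function ConvertTo-LdapFilterValue {
    # RFC 4515 escaping, so a value such as "CN=Morales\, Mark,OU=..." is safe inside a filter.
    # The backslash is replaced first so later escapes are not escaped again.
    param([Parameter(Mandatory)][string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' `
           -replace '\)', '\29' -replace '\x00', '\00'
}

function Get-SecurityGroupManagedBy {
    param([Parameter(Mandatory)][string]$ManagerName)

    # managedBy holds a distinguished name, not a display name, so resolve the user first.
    $nameValue = ConvertTo-LdapFilterValue $ManagerName
    $managers  = @(Get-ADUser -LDAPFilter "(displayName=$nameValue)")
    if ($managers.Count -ne 1) {
        throw "Expected exactly one user named '$ManagerName', found $($managers.Count)."
    }
    $dnValue = ConvertTo-LdapFilterValue $managers[0].DistinguishedName

    # groupType bit 0x80000000 (2147483648) marks a security group; the OID is the
    # bitwise AND matching rule, so distribution groups are excluded.
    $filter = "(&(objectCategory=group)" +
              "(groupType:1.2.840.113556.1.4.803:=2147483648)" +
              "(managedBy=$dnValue))"

    Get-ADGroup -LDAPFilter $filter -Properties managedBy, description |
        Select-Object Name, SamAccountName, DistinguishedName, GroupScope, Description,
            @{ Name = 'ManagedBy'; Expression = { $_.managedBy } }
}

# Display name taken from the question; the output path is a placeholder.
Get-SecurityGroupManagedBy -ManagerName 'Mark Morales' |
    Export-Csv -Path .\groups-managed-by.csv -NoTypeInformation -Encoding UTF8
```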

I think I figured - replacing Owner in the entitlement attributes - with managedBy (or adding it) so if someone has a rogue owner field being used, vs managedBy I can get both… testing it today.

1 Like

Hi @MBowen
were you able to add managedBy attribute & pull the data from AD?

We are testing this now.

1 Like

Hello - we were not able to add this.

However, our talented PowerShell developer was able to put a set of code together that takes the managedby and populates the owner for entitlements.

So far we are seeing the data populate accordingly. But as mentioned here: Entitlement Ownership : Search and Updates

I am not sure if there is a bug w/the search for owner because we are not getting it to come up in the search.

As mentioned on Entitlement Ownership : Search and Updates, retry after an entitlement aggregation on the source
