Hello!
We are currently in the process of implementing a CSV import for ESets + ESetHasEntitlement. The fun part is, that this is all handled in a single CSV where all the fields we require for ESets are present, as well as pipe-seperated columns with the ADSGroup canonical names, UNSGroupB canonical names, SAPRoles......etc.
These Fields have been configured in the CSV system file to be multi-value and pipe delimited.
On the OneIdentity Manager Database side (ESet) I created a virtual attribute of the type "Members of M:N schema types":
On the CSV system side I created a virtual script attribute that merges all the multi-value-columns of pipe delimited unique identifiers for the respective entitlement type:
Now, when I run the synchronisation project, when inserting an ESet with all its entitlements everything is as expected. If I add entitlements, or remove them, they are added and removed respectively, but also, and this the part where I´m having the issue, the remaining entitlements are removed.
If I upload the exact same file multiple times, then it will always:
- remove entitlements present in the file and present in the ESetHasEntitlement table
- add entitlements present in the file, but not present in the ESetHasEntitlement table.
This is strange, as I would expect entitlements present in the file and present in OIM to stay unchanged and new entitlements to be added (or removed if not present).
It is currenty a last resort for our client to deliver multiple CSVs with one representing the ESets and the other representing the ESetHasEntitlement for each respective target system.
I would greatly appreciate any insights into this behaviour and possible fixes.
Best Regards,
Alexander Lenz