Hello ,
To test a scenario out where I have a single Managed unit with all users. Only want admins from same department to see and modify users from same department.
Enabled AD claim rules on domain and ARS server, setspns as described in the admin guide.
I have an basic user modifications - Access template linked to a user, the claim is the department field just as in the admin guide.
It appears to work, but once that user logs out of the ARS console and logged back in, the claims is no longer valid (not showing users from same department)
Now if I delete the Access template link and recreate using same AT then it works again , but only during that users session.
What am i missing here? has anyone else seen this type of issue using basic claim rule ?