This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to remove AD group tied with system role from user

Hi,

I have tied AD group with system role in Manager. When I assign system role to user, the corresponding AD group gets assigned to user but now when I try to remove the system role from user, corresponding AD group doesn't get removed. Why is it so? Do we need to modify or configure anything for this scenario?

Parents

+1 Markus Weiss-Ehlers over 6 years ago
I tried to reproduce this in my version 8 environment and it worked.

Did you check that for the AD Group membership the System Role is the only source of the entitlement? You can check the origins of the Person using the report "Show entitlement origin" If the system role is not the only source, that would explain why there is no removal triggered.

In one of your other threads, you wrote about the IT Shop. Just for clarification, did you request the System Role assignment for the Person or did you manually assigned it in the Manager?
Cancel
Up 0 Down

Cancel

Reply

+1 Markus Weiss-Ehlers over 6 years ago
I tried to reproduce this in my version 8 environment and it worked.

Did you check that for the AD Group membership the System Role is the only source of the entitlement? You can check the origins of the Person using the report "Show entitlement origin" If the system role is not the only source, that would explain why there is no removal triggered.

In one of your other threads, you wrote about the IT Shop. Just for clarification, did you request the System Role assignment for the Person or did you manually assigned it in the Manager?
Cancel
Up 0 Down

Cancel

Children

No Data