
AD group role based assignment

I tried to implement business-role-based AD group assignment via One IDM.

Though users are getting added, users who no longer have the role are not being removed from the AD group in One IDM.

  • Hi Sai,

    Please verify the Xorigin value, as there is a chance that the AD group might have been added to AD by some other means.

  • Hi Badebaji,

    The AD group was created on the AD end and synchronized to One IDM.

    Initially there were no users. I assigned this AD group to a business role. A dynamic role was created for membership of the business role.

    My issue is now as follows.

    Users who have the business role are added to the AD group. However, they are not automatically removed when they no longer possess that role.
