Hi,
I would like to make OneIM authoritative for several AD groups' membership, so I created a mapping and a workflow to achieve it. Every day I run the synch to add or remove membership on AD depending on what I have in ADSAccountInADSGroup, the result is that if users are added or removed manually in AD, then OneIM revert the changes. All seems work good, but the problem is that I do not manage some kind of users, for example users with specific attribute that belong to another company.
The question is, can I "overwrite" the AD group membership just for those user account I have to manage and exclude some other users depending on some attributes? It would be great if I can do it through the synch project directly. Or do you think I have to implement something more "complex" like import membership on OneIM and create a process that checks the membership and then re-provisions?
Version:8.2.1
Thanks,
Roberto
