This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dynamic Business Role and removing ad Group while retaining membership - viinherite

Hi all,

 

1IM v6.1.4 ( soon to be 7)

 

I am using a Dynamic Business Role to populate AD Groups used for access security. I need to be bale to remove an AD Group from the Dynamic Bus Role and have the ad Group retain the memberships. 

 

I created a Dynamic Business Role in my test env, created 2 ad groups in the domain. Associated the 2 AD Groups to the Dynamic Business Role, Let them cook and populate. Verified via the domain that they have memberships. I then removed one of the AD Groups. In a reasonable time all of the memberships were deleted. Makes sense. ( All of the entries in adsaccountinadsgrouptotal for the group had niinherite set to 4 (Dynamic).

 

2nd test, Sams as above but before i removed the AD Group from the Dynamic Business Role I updated adsaccountinadsgrouptotal table entries for the target group, updating the viinherite from a 4 to a 6 (Indirect, dynamic). Removed the AD Group, then later all memberships were automatically removed.

 

3rd test, same as above but changed the viinherite to a 7 (direct, indirect and dynamic). Same result.

Is there a way to preserve the membership when removing a AD Group from a Dynamic Business Role?

 

Thanks in advance, Todd Fendt

 

  

Parents
  • George is right. You have to create the entries in ADSAccountInADSGroup for each of the members in ADSAccountInADSGroupTotal you do not want to be deleted.

    The flags in the total table will be changed accordingly by the system.

    General advice, do not mess with the flags to avoid any unnecessary trouble.
Reply
  • George is right. You have to create the entries in ADSAccountInADSGroup for each of the members in ADSAccountInADSGroupTotal you do not want to be deleted.

    The flags in the total table will be changed accordingly by the system.

    General advice, do not mess with the flags to avoid any unnecessary trouble.
Children
No Data