This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to remove AD group tied with system role from user

Hi,

I have tied AD group with system role in Manager. When I assign system role to user, the corresponding AD group gets assigned to user but now when I try to remove the system role from user, corresponding AD group doesn't get removed. Why is it so? Do we need to modify or configure anything for this scenario?

Parents

0 Markus Weiss-Ehlers over 6 years ago
So you directly assigned the system role to the person and you have seen that the AD user linked to the person got the new AD group membership. Then you directly removed the assignment of the system from the person put the AD group membership was not revoked for the linked AD User.

Is the membership still present in OneIM or has it just not been removed from AD?

Did you check the DB queue and the Job Queue for pending jobs?
Cancel
Up 0 Down

Cancel

Reply

0 Markus Weiss-Ehlers over 6 years ago
So you directly assigned the system role to the person and you have seen that the AD user linked to the person got the new AD group membership. Then you directly removed the assignment of the system from the person put the AD group membership was not revoked for the linked AD User.

Is the membership still present in OneIM or has it just not been removed from AD?

Did you check the DB queue and the Job Queue for pending jobs?
Cancel
Up 0 Down

Cancel

Children

No Data

Endpoint Privilege Management

Unable to remove AD group tied with system role from user