Skip navigation

Allow dynamic populations based on nested directory groups

score 10
You have not voted. Not Planned

Like it says on the tin.  This is particularly important with respect to User Groups.

 

You can create a User Group that is based on the members of a Security Group in Active Directory.  This will not populate any users that are members of a group nested within this group.  As an example use case, let us say you have several ADGroups for RBAC at multiple facilities in your organization.  You might have a security group for a given role at each facility, and then a parent role that encompasses all facilities.  Life would be good if you could create a User Group with a Dynamic Population that is targeting this parent group.  Unfortunately this will only work if users are directly assigned to the parent group.

 

Instead, allow the synchronization process to recursively get the user objects of an ADGroup.

Comments

Vote history