on 02-15-2018 10:29 AM
Hi Experts,
In my current assignment, IDM Being parent system and AD,SAP system are Child system. And we are managing few AD groups dynamically based on user's location.
Issue is a user is assigned to AD group Dynamically in IDM via Role, which shows OK status in IDM however it didn't replicated into AD.
Issue is for Role Delete Button is disabled as Role is assigned to user Dynamically.
Can you please advise me action?
You wrote, that the business role is assigned dynamically? I assume you mean via a dynamic group?
The easiest way to re-assign that business role and trigger reassigment of the attached privileges would be to exclude the mskey of the user in the SQL filter query of the dynamic group, recalculate the group (the user will be deleted from the BR), wait a moment, then put the SQL filter back to normal, recalculate the dynamic group again and check if the assignments now went to the backend.
.
That's what I normally do. ^^
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
98 | |
11 | |
11 | |
10 | |
10 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.