Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-15114

A deleted AD group is still seen when clicking 'Add AD group' on 'AD Group to Profile' tab

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 7.0.0
    • Fix Version/s: None
    • Labels:
    • Environment:
      7.0.0-SNAPSHOT of 6-Jul-2020 19:12, rev# b9cf76d

      Description

      Changes in Active Directory to groups within the group base context should be updated in IC via live sync so that the current list of AD groups (available to map to a Salesforce policy) should be seen when clicking 'Add AD group' on the 'AD Group to Profile' sub-tab of the MAPPING tab. If you delete a group in AD, it incorrectly continues to be seen in that list. (On the other hand, if you add a group in AD, it is correctly added to that list.)

      Also, an AD group that no longer exists but is still in the 'Add AD group' list can be added to the mapping, which perhaps should not be allowed.

      There is a workaround: on the Settings > Diagnostics page, click 'Reconcile Now' for the systemADGroup_managedRole mapping.

        Attachments

          Activity

            People

            • Assignee:
              alin Alin Brici
              Reporter:
              GErickson Garyl Erickson
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: