Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-15318

A user removed from AD Groups mapped to Salesforce User Roles doesn't get reassigned to the default User Role


    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 7.1.0
    • Fix Version/s: 7.1.0
    • Labels:
    • Environment:
      7.1.0-SNAPSHOT of 21-Aug-2020 22:18, rev# 3fa7028


      This is with the "AD Group to User Role: Advanced Settings" > "When to update" set to "When creating and updating a user" and the default user role ("If value is null apply default value") set to "Sales Manager".

      After I started up IC, I created 2 AD groups - UserRoleGroup1, mapped to Salesforce User Role "Test Role 1", and UserRoleGroup2, mapped to the lower priority "Test Role 2". I then created a user in AD - icUser11 - and added it to both AD groups. After a full recon, icUser11 was created in Salesforce and assigned to the higher priority User Role "Test Role 1", as expected. (This is part of the check_user_role_mapping_with_update_when_creating_and_updating_with_default test.)

      I then updated icUser11 by removing it from all AD groups (other than users). After a full recon, I expected the updated icUser11 to get reassigned to the default Salesforce "Sales Manager" User Role, but it wasn't. Instead, it was reassigned to no User Role with no UserRoleId. After an additional full recon, it was reassigned to the default "Sales Manager" User Role.


        1. log.html
          480 kB
        2. openidm0.log.0
          722 kB



            • Assignee:
              alin Alin Brici
              GErickson Garyl Erickson
              QA Assignee:
              Garyl Erickson
            • Votes:
              0 Vote for this issue
              2 Start watching this issue


              • Created: