Enhance Active Directory User Source to support nested groups
complete
d
d.walters@schenckprocess.com
Instead of assigning Roles based on the user properties, add the ability to search for the roles to be assigned to a particular user.
It could be exactly the same as the role search except it would be used to assign roles to a user.
This would properly assign roles that are configured with nested groups in AD.
Log In
C
Chris Nathan
complete
Completed by IGN-5833. To be released in version 8.3.0
C
Chris Nathan
This feature is complete and will be released in version 8.3.
T
Timothy Manning
in progress
D
Douglas Yerger
I have several customers that normally use nested security groups that have been forced to create workflow exceptions for Ignition roles. Ignition should be able to find all roles a user has whether from being a direct member of a group or being part of a nested group.
awalker
under review
R
Ryan Crownover
Agreed. Currently cannot leverage the memberOf:1.2.840.113556.1.4.1941: style query to get nested groups because Ignition's AD user source config only provides a User Role Attribute, not a User/Role relationship filter.
This has caused repeated headache for role management on the end of large corporate IT departments that are my customers.