Hi
Is it possible to add a user to a non-MIM-managed AD group?
Hi,
Ah, a classic question :) I take it you want to be able to add non managed users to a group managed by MIM?
Well, the first answer is "no". All members that MIM should handle also needs to be managed by MIM.
That being said, there are a couple of work arounds or other best practises:
If possible, nest the MIM managed group in another group (that is actually used), and then manually manage the non-managed members in that "parent" group
Write a really complex Rule Extension to make MIM ignore non managed users (otherwise, MIM will remove non managed users from the group).
Manage the users using e.g. a Workflow from the portal that adds and removes users (this is the way to go if neither user nor group is managed by MIM, but I advice you not to do it).
I advice you to not go the workaround road, trust me, I've been there. It works, but it's tedious.
Actually, the best solution is to start managing the users and the groups in MIM.
Happy Easter!
Br,
Leo
Cant we use the Generic LDAP Connector to the the user to an AD group if we have the correct privilege's. I haven't explored this but can be tried.
Hi,
Perhaps this question could use it's own Thread, but yes you can.
But I don't think you should. When connecting to AD use the built in AD Connector preferably.
Br,
Leo
4 people are following this question.