How to Synchronize Nested AD Group Users from an RSA SecurID Access Identity Source
Originally Published: 2017-11-27
Article Number
Applies To
Issue
For example, say the search filter is:
(&(objectCategory=Person)(sAMAccountName=*)(objectClass=user)(mail=*)(memberOf=CN=ParentGroup,CN=Users,DC=example,DC=com))
and ParentGroup contains a nested group. The users in the nested group will not be synchronized.
Resolution
(&(objectCategory=Person)(sAMAccountName=*)(objectClass=user)(mail=*)(memberOf:1.2.840.113556.1.4.1941:=CN=ParentGroup,CN=Users,DC=example,DC=com))
Notes
Related Articles
The Active Directory Account Collector does not collect the AD Domain Users Group in RSA Identity Governance & Lifecycle Number of Views RSA Governance & Lifecycle Recipes: Chart - AD Group Summary Number of Views Incomplete Collection of AD Groups in RSA Identity Governance & Lifecycle Number of Views RSA Governance & Lifecycle Recipes: Report - AD Group Summary Number of Views When Active Directory is integrated using Winbind, group membership for Active Directory users fails with the RSA Authenti… Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
