How to Synchronize Nested AD Group Users from an RSA SecurID Access Identity Source
Originally Published: 2017-11-27
Article Number
Applies To
Issue
For example, say the search filter is:
(&(objectCategory=Person)(sAMAccountName=*)(objectClass=user)(mail=*)(memberOf=CN=ParentGroup,CN=Users,DC=example,DC=com))
and ParentGroup contains a nested group. The users in the nested group will not be synchronized.
Resolution
(&(objectCategory=Person)(sAMAccountName=*)(objectClass=user)(mail=*)(memberOf:1.2.840.113556.1.4.1941:=CN=ParentGroup,CN=Users,DC=example,DC=com))
Notes
Related Articles
The Active Directory Account Collector does not collect the AD Domain Users Group in RSA Identity Governance & Lifecycle Number of Views A change request to remove role access from a user tries to remove AD group (indirect access from role) which no longer ex… Number of Views How to selectively challenge users and applications with RSA AD FS agent 1.x Number of Views RSA Governance & Lifecycle Recipes: Report - AD Group Summary Number of Views The RSA Identity Governance & Lifecycle AD Collector and AD ADC authentication source fail to establish a TLS 1.2 SSL conn… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
