JoseReyes (Customer) to rsaSFDCadmin (RSA): asked a question.
Multiple AD Domains, objectSID for well known groups fail to collect
We have multiple AD domains and we have enabled the checkbox on our collectors
to collect objectSID attribute for our groups. The issue we're seeing is that
RSA fails to collect groups in different domains that have the same objectSID.
These are AD defaults for groups like Administrators, Account Operators,
etc...
Error: Message[Account Data Validation: The ObjectSID value is already
assigned to another active Account or Group in the environment.]
Has anyone be able to successfully collect these groups while also collecting
objectSID for Foreign Security Princiapls?
to collect objectSID attribute for our groups. The issue we're seeing is that
RSA fails to collect groups in different domains that have the same objectSID.
These are AD defaults for groups like Administrators, Account Operators,
etc...
Error: Message[Account Data Validation: The ObjectSID value is already
assigned to another active Account or Group in the environment.]
Has anyone be able to successfully collect these groups while also collecting
objectSID for Foreign Security Princiapls?
reporting this were requested to submit an idea on RSA Ideas but I don't see
that that was done. It would require collecting something else unique to
identify the domains.