RSA IMG : 18.104.22.168953 P12
I am not able to see Group Owner under Groups( Active Directory ADC)
Collectors > Unification > Resolution Reference - Says Group Owner info not collected.
How do i collect it ?
Out of the box, the Group object contains an Owner attribute (screenshots below)
In the Account collector configuration, you should populate the Owner attribute with data from the managedBy attribute (in AD)
I assume that you have the managedBy attribute populated in active directory with the relevant information (DN of the owner)
In the Group Owner Resolution Rules section, you should point to the attribute which holds a distinguishedName of an account
In the Resolution Reference section you see only the identity collectors and not account collectors.
Hello Boris Lekumovich,
in my use case, I populate the Owner attribute with data from the managedBy attribute (in AD). But Owner data is not present in Account Collector's Groups tab, even values of Owner are populated from managedBy attribute - can see that in collection RAW data.
I assume, this is because manageBy attribute's format is DN, while User Id/Unique Id (defined in Group Owner Resolution Rules) is not in DN format (I am not aware of DN format attribute within IDC). Therefore manageBy and User Id don't match and mapping cannot be resolved.
Is my assumption correct, or did I miss something in my configuration?
Your assumption is correct.
You can collect the DN to one of the user's attributes and then use it in the resolution rules configuration.
Retrieving data ...