we want to collect owners of AD groups from AD Group object attribute “Managed-By”. This attribute is however single valued, i.e. only one value can be inserted into this attribute. Some AD groups have more than one owner defined. To overcome this limitation, our AD team suggested that they can add a security group to the “Managed-By” field, members of this security group would then act as group owners and access request approvers.
The question is, does IGL v7.0.2 (or any newer one) has an ability to collect members of the security group set in the Managed-By field so that they can be set as access request approvers in the approval workflow?
Can anyone advise please?