AnsweredAssumed Answered

Can members of a security group added to ManagedBy AD attribute be collected to IGL as group owners?

Question asked by Marketa Buresova on Jul 24, 2019
Latest reply on Jul 26, 2019 by Frank Schubert



we want to collect owners of AD groups from AD Group object attribute “Managed-By”. This attribute is however single valued, i.e. only one value can be inserted into this attribute. Some AD groups have more than one owner defined. To overcome this limitation, our AD team suggested that they can add a security group to the “Managed-By” field, members of this security group would then act as group owners and access request approvers.


The question is, does IGL v7.0.2 (or any newer one) has an ability to collect members of the security group set in the Managed-By field so that they can be set as access request approvers in the approval workflow?


Can anyone advise please?

Thanks much!