Symantec IGA

  • Private Community

  • 1.  GM with AD Groups

    Posted Apr 26, 2016 08:33 AM

    Hello Team,

     

    Please let me know the working process , when we revoke the user's AD groups from the GM as a certification part , user groups should be revoked automatically from Active Directory.

    Customer want to go automatic process once group has been rejected in GM then selected user group should be revoked from AD.

     

    Thanks in Advance.

     

    Thanks,

    Santhosh



  • 2.  Re: GM with AD Groups

    Posted Jun 03, 2016 03:33 PM

    Sorry for the delay, we will research this and get back to you



  • 3.  Re: GM with AD Groups

    Broadcom Employee
    Posted Jun 03, 2016 03:42 PM

    This can be set up to be automatic if you are using either the CA JCS connector or the IM connector. 



  • 4.  Re: GM with AD Groups

    Posted Jun 16, 2016 06:34 AM

    Hi Ricky,

     

    Thanks for letting me know. Please can you explain in detail in both the cases "either the CA JCS connector or the IM connector"

     

    Thanks in Advance...



  • 5.  Re: GM with AD Groups
    Best Answer

    Broadcom Employee
    Posted Jun 16, 2016 03:32 PM

    See the CA documentation at:  Integration Concepts - CA Identity Governance - 12.6.5 - CA Technologies Documentation

     

    The documentation referenced is for the IM connector, but the JCS connector works basically the same way for a few endpoints (including AD).  The data is imported via the JCS connector, a certification is run, rejected links can be exported which will remove the rejected links in AD (ie. remove a user from a group).