Genesys Cloud - Main

 View Only

Sign Up

  Thread closed by the administrator, not accepting new replies.

  • 1.  How to make Azure AD sync recursively match users

    Posted 08-28-2020 08:19
    No replies, thread closed.

    When using Azure AD and Genesys Enterprise app in replacement for the AD sync we use to have with Bridge, we don't get the same result. We used to have a top group with a lot of sub groups. And with a ldap oneliner we got them all synched. Now if we do the same. We just get the direct members in that group synched. in this example 5 users, the rest of the 91 users are not recursively matched.

    This is another view when choosing users in this group, we just got the green ones. The direct users not the users in the subgroups (DDL's)

    Is it a configuration mistake from my side or is it not possible to get all users in a group hierarchy. 

    #Integrations

    ------------------------------
    Michael Johansson
    Hi3G
    ------------------------------


  • 2.  RE: How to make Azure AD sync recursively match users

    Posted 08-31-2020 09:53
    No replies, thread closed.
    From Microsoft's documentation on the topic: https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/how-provisioning-works

    Nested groups. The Azure AD user provisioning service can't read or provision users in nested groups. The service can only read and provision users that are immediate members of an explicitly assigned group. This limitation of "group-based assignments to applications" also affects single sign-on (see Using a group to manage access to SaaS applications). Instead, directly assign or otherwise scope in the groups that contain the users who need to be provisioned.

    ------------------------------
    Richard Schott
    Genesys - Employees
    ------------------------------

    Original Message


Related Content