PAG Module accounts and users are read-only in One Identity Manager

Hello,

We have installed the PAG Module of One Identity Manager. There are no issues with the installation, but when we pull the accounts and users added to Safeguard via Active Directory to the IDM side with the PAG Module, they come in as read-only, and we cannot make any changes to them. What is the exact reason for this? Why do the pulled accounts have read-only permissions?

0 Tawfiq.Ahmad 6 days ago

Hi,

Active Directory accounts are added under an Active directory Asset in SPP and then SPP would update changes to specific attributes from AD using a one way directory sync (From AD to SPP) therefore no changes can be done from SPP back to Active Directory.

The AD account object changes must be done from Active Directory side instead which will then get updated in SPP side once directory sync runs to pull these changes.

Thanks!
Cancel
Up 0 Down

Reply

Verify Answer

Cancel