Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

GRC x LDAP - When Manager name is not unique?

andreia_ferreira
Explorer

on ‎2020 Jul 27 11:28 PM

0 Likes
639

Dear experts,

LDAP is configured as a data source for search and detailed user in GRC Access Control.

Everything is working fine except... when manager name in LDAP is not unique, see print screen bellow:

  • Issue: Access Request screen: GRC should fetch manager ID 7002115 instead of 2006808
  • In LDAP transaction this is the result for manager search:

  • But in LDAP there are three users with this same name (CN attribute)

As a result in access request screen GRC fetch manager 2006808 instead of 7002115 😞

  • Field mapping for actions 3 and 4:


Connector atributes

Well as mentioned before our issue happens when manager name is not unique in MS AD, and GRC fetches other manager than what is expected. Is it something that is being missed?

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
former_member695876
Explorer
‎2020 Aug 09 1:37 PM
0 Likes

Are you on GRC 10 or GRC 12, please specify SP.

Also check below note

2369163 - UAM : Wrong manager ID returned from LDAP when multiple users with same name

Note applicable for GRC 10, GRC 10.1

Accepted Solutions (0)

Answers (1)

Answers (1)

Monsores
Active Participant
‎2020 Aug 12 12:16 AM
0 Likes

Hi Andreia.

If the note mentioned by Sandeep doesn't solve your issue, please check and update your post because I believe there are some images missing.

But, as a general rule, if multiple results come from the GRC query in LDAP for a data source query, the first one will be taken.

Regards,

Marcelo Monsores

Show replies
Show replies
Ask a Question