04/14/2023 06:55 AM
The Active Directory connector supported way of managing apps using AD groups, as an endpoint appears extremely poor. Is there any better way to manage AD based applications other than through a JSON entry and basing only on distinguishednames?
Our account team advised to raise an idea - Please vote up if you have the same issue:
https://ideas.saviynt.com/ideas/EIC-I-4489
The JSON ENDPOINTS_FILTER config entry
This is barely manageable for a few endpoints and groups. There needs to be a better "front-end" with a group picker.
The mapping to Group distinguishednames. This is cumbersome to manage, and prone to breakage when groups are moved or renamed in Active Directory. Groups should be linked to an immutable attribute, i.e. ObjectID.
04/16/2023 11:56 PM
Thank you for creating Idea, please share more details requested over Idea portal which are requested from Saviynt team.