AD ‘Import Role and Account’ rule ignores members of importing group (AD users and groups):
a. Located in others (independent) trusted Domains
b. Located in other Parent/Child Domains
To reproduce the issue:
1. Have an Active Directory forest with at least 2 Active Directory Domains (e.g. DomainA, DomainB)
2. Create a User ID in DomainA named User1
3. Create a UserID in DomainB named User2
4. Create a AD Security group in DomainA named SMPAdmins, and make it a universal group.
5. Add DomainA\User1 and DomainB\User2 into the AD group DomainA\SMPAdmins
6. On the SMP, configure the Role and Account to import from DomainA, from SMPAdmins group. Run the rule.
7. It will create the associated role (DomainA\SMPAdmins) along with the user (DomainA\User1) however it will not create DomainB\User2.
This issue has been reported to the Symantec Development team. A permanent fix will be provided in the next major release , in this case ITMS 7.1 SP2 MP1 and ITMS 7.5.
Symantec Management Platform 7.1 SP2
SMP 7.1 SP2 Rollup v2, v3, v4
Did this article resolve your issue?
Did this article save you the trouble of contacting technical support?
How can we make this article more helpful?
Email Address (Optional)
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Submit a suspected infected file to Symantec.
Report a suspected erroneous detection (false positive).
Create and manage cases, manage licensing and renewals, submit threats, and enroll with Symantec Rewards.
Customer and Technical Support phone numbers and hours of operation.
User-to-user forums, blogs, videos, and other community resources on Symantec Connect.
Set default language
Do you wish to save this as your future site?