Modifying Group Membership in an LDAP Directory
Modifying Group Membership in an LDAP Directory
In order to optimize performance and minimize traffic between AM and an LDAP directory, AM caches information about user group memberships. When a user’s group membership is changed in an LDAP directory, AM cannot acknowledge the change until the cache is refreshed. As a result, these changes take effect after the cache refresh interval has elapsed. In the time between the change and the refresh, you may see the following behaviors:
- A user added to a group that has access to a restricted agent cannot authenticate to the restricted agent.
- A user who has been removed from a group that has access to a restricted agent can still authenticate to the agent.
You can flush the cache immediately using the Operations Console. For more information, see Flush the Cache.
For more information on configuring the cache, see Configure the Cache.
Related Articles
CSV Format for User Group Membership Requests Input File Number of Views Change in the review behavior while using "Include group memberships that are entitlements of their assigned global roles"… Number of Views List User Group Membership in Reports Number of Views View User Group Memberships for a User Number of Views View User Group Memberships for a User in the User Dashboard Number of Views
Trending Articles
RSA Authentication Manager Patch Updates RSA SecurID Software Token 4.1.2 and 4.2.1 for Mac OS X displays: No token storage device was detected. Verify that the de… How to manipulate imported RSA SecurID Software Token(s) on an iPhone or iPad device RSA SecurID software token .sdtid file fails to import into RSA SecurID Software Token 5.0 for Windows Configuring a Checkpoint firewall to work with SecurID
Don't see what you're looking for?
