In its current implementation, a Change Workflow triggered by adding or removing a member from a group verifies if the first added member meets the given criteria and will proceed to add all of the added members in the same operation, even if the criteria is not met on subsequent objects.
This has been identified as a Product Defect and is being tracked as Defect ID 122372.
WORKAROUND
The attached script module and Change Workflow can be used as an example of a scripted workaround for this product limitation.
STATUS
Waiting for a fix in a future release of Active Roles.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center