The “Ignore System Access Policies” will only block the System Access Policies from the Managed System.
To have the Managed Account option “Ignore System Access Policies” block the System Access Policies from Collections that the Managed System is a member of, please follow the below steps:
1. Log into the Admin Interface:
a. In TPAM 2.5 this is https://IP_or_DNS/Admin
b. In TPAM 2.4 and below this is https://IP_or_DNS/paradmin
2. Select “System Status/Settings” and “Global Settings” from the Main Menu
3. Enable the “Role Policy” setting “Ignore Policies includes collection membership” as this controls the scope of the Ignore System Access Policies check box on the Managed Account.
a. If Yes is selected, the check box will ignore both system and collection level permission assignments which apply to the account’s parent system.© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center