Scenario: You have created a template to Deny Read/Write to an attribute. After applying the template to an OU and delegating it to either a group or an individual user, the attribute is still visible and can still be written to.
This could be caused by a Managed Unit granting permissions that override the deny permissions.
If any Access Templates are applied to a Managed Unit, they can override the permissions granted on the OU.
Enable the Advanced Details Pane option in the Active Roles Console (View -> Advanced Details Pane) and review the Access Templates applied to the OU. If the permission is applied to a Managed Unit, it will be listed in the Directory Object column.