-
Title
Member Of tab for user objects not showing cross-domain group membership -
Description
When viewing the Member Of tab for a user object: The Member Of tab is not showing all membership for users, not listing all of their users cross-domain group membership. Note that SOME cross-domain membership is displayed - just not all.
In at least one test, clicking on the option to show nested membership showed one group from a domain for which no other membership was displayed.
When attempting to add the user to a new group from this tab and other domains are not available to select from. Only the domain in which the user resides is displayed.Scenario Description:
Many child domains in a single forest, along with one empty root domain,
ie.root child1 child 2 child3 etc...
When you go to a user of child 1, select MemberOf and hit ADD button - it only displays the objects from child1 domain.
However, when you go to the group (universal) located on child2 or child3, you can click 'members' and all the domains are visible.
-
Cause
Limitation of ActiveRoles Server.
-
Resolution
WORKAROUND
1. Create a Managed Unit. Within the managed unit, select Include Explicitly and choose Add.
2. Select the Browse button, navigate to your second domain and select OK.
3. In the object selection box, select all objects you want to be visible and select Add.Now when you go back to that user, hit MemberOf, select the browse button once again.
This time, choose the Managed Unit which was just created. Click on Click here to display objects.