Authentication Policy Group/Organization name change issue

History 

Working with Policy Manager Administrators have the ability to setup custom Authentication Policies. 

Authentication Policies could be configured with Directory Manager > Groups. These Groups could be Sync'd from Active Directory or be local to Passly.

Problem

Passly does not update Group names dynamically in Authentication Policies if the name of the group is changed. 

If you change the name of Group/Organization locally or via AD, the name change is not applied to Authentication Policy.

This happens when you have an Authentication policy that is set for your organization, endpoint, etc. This Authentication policy has the criteria ‘is member of a group’ or ‘is not a member of a group’ and you change:

  • The name of the appropriate group in the Directory manager -> Groups tab;

 

  • The name of the the organization that contains your group in the Directory manager -> Organizations tab.

In both cases, the group name will be displayed with the old group/organization name and Authentication Policy will work different because the names will not match.

Resolution

Resolving this problem includes the following steps:

  1.  Navigate to Authentication in Policy Manager tab;
  2.  Open an existing Authentication Policy that contains the criteria ‘is member of a group’ or ‘is not a member of a group’;
  3. Remove the appropriate group whose name was changed/organization name was changed;
  4. Find this group with the correct group name/organization name and select it using the checkbox;
  5. Save changes.

Now your Authentication Policy should work correctly.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section