Hello,
We have a user who is added in two different active directory groups. Both of these AD groups are added under the 'Manage Group Account' section. But when the user logs in, he is able to see the permissions as set the lower order group.
Here is the example:
- User A is added in to both AD1 and AD2 active directory groups.
- Then I have added these AD1 and AD2 groups in to WPM under 'Manage Group accounts' section.
- I have set the AD1 group as highest order (order number 1) with 'Group of Group' limitations but have access to Transaction summary, Transaction details, step details, Location details with WPM user role.
- I have set the AD2 group as lowest in that order (order number 4) with no account limitations but can only view Transaction summary with WPM user role.
When User A logs in to Web console, he has been logged in as AD2 group and is provided with views and permissions as specified in AD2 and not AD1 though it is in highest order (order 1).
I have even tried changing the order of AD1 and AD2 but no change in his view.
Does any one know whether I am doing anything wrong here or help me fix this issue?
Cheers,
Shivram.