• State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 62 subscribers
  • Views 6838 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Primary / Secondary Owners inheritance

jwheele9
over 5 years ago

I'm looking to automate the primary/secondary owners of Security Groups - based on the primary/secondary owners of the OU that the Security Group is contained within.

Security Groups (top ou)

--Application Groups (sub ou)

-- --Application Team1 (sub ou)

Application Team1 OU will have a primary owner (the manager of the application team1 "team")

Application Team1 OU will have a secondary owner (the security group Application Team1)

I want all groups created in the Application Team1 OU to be auto populated with the primary/secondary owner from the parent OU. If the manager is ever replaced, we could change the owner of the Application Team1 OU and it will automatically update all the security groups below it.

 

Hopefully that makes sense. Seems like it would be easy to do, but I'm struggling a little bit.

Thanks

Parents
  • +1 over 5 years ago
    IMO, the solution consists of two parts:

    1) The initial population could easily done by a property generation & validation rule within a group provisioning policy that applies these values at group provisioning time.

    2) For updates, I would setup an AR workflow that watches for changes in these values on the parent OU (start condition) and then finds all the groups in the OU (search activity) and updates the owner attributes (update activity).
Reply
  • +1 over 5 years ago
    IMO, the solution consists of two parts:

    1) The initial population could easily done by a property generation & validation rule within a group provisioning policy that applies these values at group provisioning time.

    2) For updates, I would setup an AR workflow that watches for changes in these values on the parent OU (start condition) and then finds all the groups in the OU (search activity) and updates the owner attributes (update activity).
Children
No Data