Authorization in IAG: ActiveDirectory:Global group nested in Universal group RRS feed

  • Question

  • Hello All,

    This is for authorization of one of the the published application in IAG.

    Whole scenario should be like this..

    1. One particular application should be published in IAG.

    2. Need to restrict it's access based on Active Directory Users group (Universsal-Security)

    3. Need to give access rights to Universal Group in where there is only a global group(security). This way global group is an only member of this Universal group.

    Now, actual situation is like this..

    1.In IAG, "Authorization" tab of that particular application, we select Universal group that can access the application in IAG.

    2.But, the user who is a member of global group, can not see that application despite this global group is a member of Universal group that has been "Allow" in Authorization Tab of that application.

    3. If we make user a member of Universal group directly or allow access of global group where user is a member, works well.

    Any thoughts?Any idea?





    Wednesday, March 31, 2010 4:46 PM


  • I'm marking this question as resolved, even though it is not, as it appears that this issue has too many variables to be resolved within the limited abilities of a supprot forum. If this is still unresolved, Ashu, I might suggest you open a support case with Microsoft CSS, and have it investigated throroughly.

    Ben Ari
    Microsoft CSS IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Wednesday, May 12, 2010 7:51 PM
    Wednesday, May 12, 2010 7:51 PM