Unix servers were moved from one OU to another in AD. We lost all Unix devices, target applications and accounts. The automatic LDAP refresh deleted the entries and then created new ones. All Unix servers are inaccessible now, because the target accounts used for auto-login are gone.
The automatic LDAP refresh processes one device group at a time. If the group that the devices used to belong to, but are no longer member of, is refreshed first, the devices, and all associated target applications and accounts, will be deleted. When the group that the devices moved to is refreshed, or possibly added as new group, later, the devices will be created new, but without target applications and accounts. Those will have to be created again.
Release : 3.4
Component : PRIVILEGED ACCESS MANAGEMENT