Is it possible to update group memberships in SDM via an ldap_sync run? In the backend LDAP server, a given contact was assigned to a different group, and the idea is to reflect that change in SDM by running pdm_ldap_sync.
Release: 12.6 or higher
Component: CA Service Desk Manager
The pdm_ldap_sync command does not natively support control of group memberships defined in LDAP. Several workarounds can be used to control group membership based on LDAP definitions:
1. Use PAM + PowerShell to collect that information from MS AD and add it to SDM, using the pdm_load utilities if auditing is not necessary, or web services if auditing is required.
2. If you have SC, you can use a Catalog Service where the users/groups are collected and the SDM ticket is created with workflow tasks where this is done automatically using PAM macros/processes.
3. Give permissions to the group supervisor to update these relationships.
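
For workaround 1, the step that decides which memberships to add or remove can be written as follows. This is an added example, not CA/Broadcom code: `Get-MembershipDelta`, the group names and the user IDs are hypothetical, the sample data is constructed inline, and turning the resulting plan into pdm_load input or web service calls is not shown.

```powershell
# Constructed sample data. In practice $adMembers would come from an AD query
# (for example Get-ADGroupMember from the ActiveDirectory module) and
# $sdmMembers from an export of the current SDM group membership.
$adMembers = @(
    [pscustomobject]@{ Group = 'ServiceDesk-L1'; UserId = 'jdoe' }
    [pscustomobject]@{ Group = 'ServiceDesk-L2'; UserId = 'asmith' }
    [pscustomobject]@{ Group = 'ServiceDesk-L2'; UserId = 'bnguyen' }
)
$sdmMembers = @(
    [pscustomobject]@{ Group = 'ServiceDesk-L1'; UserId = 'jdoe' }
    [pscustomobject]@{ Group = 'ServiceDesk-L1'; UserId = 'asmith' }  # moved to L2 in AD
    [pscustomobject]@{ Group = 'ServiceDesk-L2'; UserId = 'bnguyen' }
)

function Get-MembershipDelta {
    param(
        [object[]]$Source,             # authoritative memberships (LDAP/AD)
        [object[]]$Target,             # memberships currently in SDM
        [double]$MaxRemoveRatio = 0.5  # assumed safety threshold, tune per site
    )
    # Index both sides by a normalised "group|user" key.
    $toKey = { param($m) ('{0}|{1}' -f $m.Group, $m.UserId).ToLowerInvariant() }
    $src = @{}; foreach ($m in $Source) { $src[(& $toKey $m)] = $m }
    $tgt = @{}; foreach ($m in $Target) { $tgt[(& $toKey $m)] = $m }

    $adds    = @($src.Keys | Where-Object { -not $tgt.ContainsKey($_) } | ForEach-Object { $src[$_] })
    $removes = @($tgt.Keys | Where-Object { -not $src.ContainsKey($_) } | ForEach-Object { $tgt[$_] })

    # Guard: an empty or truncated directory result must not strip SDM groups.
    if ($tgt.Count -gt 0 -and ($removes.Count / $tgt.Count) -gt $MaxRemoveRatio) {
        throw "Refusing to plan $($removes.Count) removals out of $($tgt.Count) memberships"
    }

    # Emit the change plan; a later step feeds it to pdm_load or web services.
    $adds    | ForEach-Object { [pscustomobject]@{ Action = 'Add';    Group = $_.Group; UserId = $_.UserId } }
    $removes | ForEach-Object { [pscustomobject]@{ Action = 'Remove'; Group = $_.Group; UserId = $_.UserId } }
}

Get-MembershipDelta -Source $adMembers -Target $sdmMembers | Format-Table -AutoSize
```

With the sample data the plan contains one `Add` (asmith to ServiceDesk-L2) and one `Remove` (asmith from ServiceDesk-L1). Keeping the plan as a reviewable artifact also gives a change record when the load path itself is not audited.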