In our IM environment, the Admin Role is associated with User's group membership, sometimes we assign Admin Role to an IM user by directly modifying the associated group membership in the user store. However, as IM is caching the Admin Role membership, it's unable to be aware of the change made by a third party tool directly in the user store. Hence how do we let IM to refresh the Admin Role cache and reflect the User's Admin Role membership correctly?
Release: CA Identity Manager Component:
As Modify Admin Role task can refresh the role membership cache. Hence we can use Modify Admin Role task to modify the involved Admin Role, and submit the task without making any change, then IM server will refresh the role membership cache and reflects the user's Admin Role correctly.
In order to let these happen automatically, we can create a Bulk Task to trigger the Modify Admin Role task automatically.