Users that are members of multiple security groups in multiple OU sites are not showing up on AD Filters

book

Article ID: 163053

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

Situation: there are multiple sites where each site has its own OU and security groups and users could be a members of multiple groups in multiple sites. 

Problem: When running separate AD imports for each security group, the first import affiliates the user to the first Security Group, then when the next import occurs the users drop their previous affiliation if they are in another security group.

Apparently this does not happen when running one import of all OUs/SGs but this is not practical for a large environment with the need to run these imports multiple times per day on some sites.

Cause

Known issue.

Resolution

This issue has been reported to Symantec Development team. The fix is provided in ITMS 8.0 HF1.

A pointfix is available for those with ITMS 7.6 HF6. See attached file "Pointfix_eTrack3920467_SMP_7.6_HF6.zip"

For those customers with ITMS 7.6 HF7, please refer to KB INFO3459

 

REQUIREMENT
SMP 7.6 HF6

 

HOW TO INSTALL THIS POINTFIX

1.         Extract files from the archive to the NS hard drive. Make sure Point Fix is not extracted to Altiris install directory (or any subfolder to it).

2.         Execute PFInstaller.exe with administrative privileges (right-click > Run as administrator). Select "Install Files".

3.         Accept UAC (User Account Control) if prompted, select Install Files. Old binaries will be automatically backuped to the Backup folder at the same location where PFinstaller is and replaced with the new ones. Log-file Log.txt will be created at the same location where PFinstaller is.

4.         Close PFInstaller window.

 

QA PERFORMED

  • Tested PF on  ITMS 7.6 with HF6 installed using following scenarios:
  • Verified pointfix installs / uninstalls successfully
  • Verified that AD import works successfully for following AD structure:

 

- Users in Security Groups:

USER-AB  --- |--- SG-A

             |--- SG-B

 

USER-BC  --- |--- SG-B

             |--- SG-C         

 

USER-ABC -- |--- SG-A

            |--- SG-B

            |--- SG-C

            |--- SG-ABC

 

- Security Groups in Security Groups

SG-ABC   ---|--- SG-A

            |--- SG-B

            |--- SG-C

 

- Associations between users:

USER-AB  <--- USER-BC

USER-BC  <--- USER-ABC

USER-ABC <--- USER-AB

 

  • Verified that other AD functionality was not broken

 

Attachments

ReadMe.pdf get_app
Pointfix_eTrack3920467_SMP_7.6_HF6.zip get_app