Issue with AD Group Visibility for Subordinates in Quicklink Population

Ranjith25 · November 18, 2024, 8:09am

Hi All,

I created a Quicklink population for managers, allowing them to raise requests for AD groups based on application. The rule works as expected for managers, who can see the AD groups if they have an account in the application.

but, when I try to raise a request for my direct subordinates, who do not have an account in the application, they are still able to see the AD groups. This happens because I, as the manager, meet the criteria. The issue is that subordinates should not be able to see the AD groups if they do not have an account in the application, even though the manager can see them.

Can anyone advise how to resolve this?

Thanks,
Ranjith M.

enistri_devo · November 19, 2024, 8:22am

Hi @Ranjith25,

IIQ doesnt block the possibility to assign an entitlement on an identity doesnt have the entitlement’s application. You must use the identitySelector rule on entitlement on quicklink, to filter them,

system · January 18, 2025, 8:22am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.