beautypg.com

HP Identity Driven Manager Software Series User Manual

Page 62

background image

2-46

Getting Started
Monitoring User Session Information

12. An Importing Users dialog box will display the number of users being imported

and a progress bar indicating how long the process is taking. When you are done
monitoring the progress of your import, click Close.

If you are importing users from AD into the IDM database instead of using SNAC,
an Access Policy Group is created for each selected Active Directory group, and
all users that belong to the selected groups will be imported from the Active
Directory server into the appropriate Access Policy Group. Changes to users in
the selected groups will be imported (synchronized) as long as the Active
Directory Synchronization is enabled.

The Importing Users dialog closes automatically when the synchronization is
complete and the Preferences window remains open.

Operating Notes:

If a user belongs to more than one Active Directory group, the user is
imported into the IDM Access Policy Group with the highest priority (set
in User Directory Settings Preferences).

If an Active Directory group is deleted while Active Directory synchroni-
zation is enabled, the associated Access Policy Group is deleted. If that
group is the priority IDM Access Policy Group for a user who belongs to
more than one Active Directory group, the user is automatically reassigned
to the next highest priority Access Policy Group. Users who do not belong
to more than one Active Directory group are reassigned to the default Access
Policy Group for the Domain.

If an Active Directory group is deleted while Active Directory synchroni-
zation is disabled, the associated Access Policy Group is NOT deleted when
synchronization is enabled. However, all users will be reassigned to other
groups (next highest priority or default Access Policy Group for the
Domain) as part of the resynchronization process.

Users deleted from Active Directory while synchronization is disabled are
assigned to the default Access Policy group during the resynchronization
process (instead of being deleted). This prevents users who were added by
another method from being deleted.