Steve Posted March 4, 2020 Share Posted March 4, 2020 Currently, there is only a single API available in relation to AD Security Groups, and it simply allows Add. Currently, if you ask it to add a group, it does so, regardless of whether the group already exists, thus creating multiple entries in PasswordState. Since there can be no valid reason for the same group (who's membership is managed externally) to exist in PasswordState multiple times, I would consider this an error and simply confusing to users. Since there is no available API to query whether a group already exists, it makes it difficult to determine whether to add the group or not. I can think of some possibilities: - Add a query to determine if a group exists - add an "Ignore duplicates" flag to the Add method - add a fail on duplicate flag to the Add method Using a flag could allow the attempted add to do the ad sync it says it currently does , and thus could be used to notify PasswordState that the group has been changed and a refresh is needed. Currently, an equivalent sync is only available via the Password Reset Portal, and not available if this component is not installed. Link to comment Share on other sites More sharing options...
support Posted March 4, 2020 Share Posted March 4, 2020 Hi Steve, We have no validation for this in the API, and this is by design - we naturally assume customers would not add the same Security Group in more than once, like many other calls in the API. If you need any changes to the API, can we please ask you log a feature request for this. Thanks very muchh. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now