Hi Guys,
Could you please point to link where difference between LDAP group and access role is described?
My issue is:
We do have used both in our policy (LDAP & AR) objects.
When user, whose laptop is in domain - meaning internal user with windows - he can match rules setup with access role objects.
When user, whose laptop isn't in domain, but user is still internal and his account is in domain - he can not match rules setup with access role objects, BUT can with LDAP objects
When user is external, but he/she does have account in domain - same behaviour - he can not match rules setup with access role objects, BUT can with LDAP objects
Looks like AR objects are working only with corporate windows laptops.
Is AR "examinating" user differently then LDAP? apparently yes, but do we have exact reason?
We are using R80.30, Take219, Identity Awareness with Identity collector
Thanks a lot for hints