< All Topics

Does Directory Manager Also Remove Groups?

Does Directory Manager Also Remove Groups?

Yes, Directory Manager can be configured for group management, including the removal of certain groups as part of the expiration process:

  • Configurable Group Removal: Directory Manager allows for the removal of specific groups or all user-assigned groups. However, it cannot remove Active Directory built-in groups, such as ‘Domain Users’ or ‘Authenticated Users’.
  • Exclusion of Built-in Groups: Due to system constraints, Directory Manager does not have the capability to remove built-in groups from a user’s account.
  • Reporting: If groups are removed, Directory Manager can provide a report detailing which groups have been removed for a specified user, aiding in audit and compliance efforts.

It’s important to configure group removal settings in accordance with your organisational policies, bearing in mind the system’s limitations regarding built-in groups.

For guidance on configuring group removal settings or to understand more about the system’s limitations, please consult the Directory Manager documentation or contact our support team.

Table of Contents