Description
Although during branch testing all situations worked out after PR merge to main this isn't the case anymore for AD provider. A given prune step that should just remove all groups is always in Changed: False
Steps to Reproduce
- Having a user with multiple groups
- Step with
PruneEntitlements
@{
Name = 'AD - Prune Groups'
Type = 'IdLE.Step.PruneEntitlements'
With = @{
IdentityKey = '{{Request.IdentityKeys.sAMAccountName}}'
Provider = 'AD'
AuthSessionName = 'AD'
Kind = 'Group'
}
}
- Plan + Invoke
Expected Behavior
In the case of the given test user: remove all groups except primary group (AD).
Actual Behavior
Nothing is done.
Environment
- PowerShell version: 7.5.4
- OS: Windows Server 2019
- IdLE version / commit: main
- Execution context (CLI / Service / CI): CLI, AD Provider
Additional Context
- the user definetly has groups to remove
- it doesnt make a different if a keep entry is added
Description
Although during branch testing all situations worked out after PR merge to main this isn't the case anymore for AD provider. A given prune step that should just remove all groups is always in
Changed: FalseSteps to Reproduce
PruneEntitlementsExpected Behavior
In the case of the given test user: remove all groups except primary group (AD).
Actual Behavior
Nothing is done.
Environment
Additional Context