Still can't understand, please clarify it to me, would really appreciate it. No info in docs though.
So. We are using only SAML groups, there are no "individual" or "windows groups" accounts.
For example we have such AD structure:
AD User "X" is a member of AD Group "Group.City".
AD Group "Group.City" is a member of AD Group "Group.Country".
AD Group "Group.Country" is a member of AD Group "DSG.Solarwinds.ReadOnly"
So nested structure is like that:
Hope it is clear enough.
Also, user "X" is a member of another AD Group - "DSG.Solarwinds.Admins":
Both groups - "DSG.Solarwinds.ReadOnly" and "DSG.Solarwinds.Admins" are added as SAML groups in Solarwinds.
And DSG.Solarwinds.ReadOnly is located higher in the list.
But when I login with "X" user, I'm getting Admins rights instead of ReadOnly!
And in the account list I see what I was loggin as "DSG.Solarwinds.Admins".
Why? Does ad-nesting work in Solarwinds or not?