We would like the ability to add global groups into the Guardium appliance as users. These global groups would need to be able to be assigned a role, and all users in the group would need to be assigned whichever role is assigned to the global group.
Through this, any users in the global group would be able to login and have the role granted to the group. Additionally, any audit reports, etc. that would be emailed to the group should go to all members in the group (similar to a distribution list)
While we know about the group import option, we want the ability to allow active directory to handle all user adds and deletes, without the need for the Guardium appliance to really be part of it (ie. if a user is removed from the global group, they would immediately use access to the Guardium appliance, role, etc., instead of needing to be offboarded later)
Do not place IBM confidential, company confidential, or personal information into any field.