Environment
CGW
Security Manager 6x
Situation
Resolution
There are 2 possible workarounds
Change the primary group for the affected users to something else.
1) Go to Active Directory user and computers
2) Go to the OU where the user account is located
3) Right click user and select properties
4) Choose the ?member of? tab
5) Decide which group will be the new primary (must be a global group)
6) Highlight the group and select the ?set primary group? button
Or Explicitly list these users in the "user restrictions" section of the filter definition.
1. Go the Security Manager configuration wizard\change guardian\configure change guardian for windows filters
2. Go to the filter group user restrictions tab
3. Add the affected users
Cause
CGW does not know if a user belongs to a group if it is the user?s primary group. To determine if CGW knows about the user group membership of that particular user, run the following command.
DSQUERY group "groupDN" | DSGET group -members >>textfile.txt
Note: to find the group DN you can use the following commadn: dsquery group -name group_name|dsget group -DN
The DSGET command has the same issue so if the resulting text file does not contain the user in question, then CGW will not recognize it either.
Additional Information
This will be fixed in a future release