This document has not been formally reviewed for accuracy and is provided "as is" for your convenience.
Summary
After domain migration, Users ID re-imported to HPSA via ldap_sync in normal fashion, cannot see deployments they are supposed to see.
Question
After domain migration, Users ID re-imported to HPSA via ldap_sync in normal fashion, cannot see deployments they are supposed to see.
Answer
When the account was reimported, it only imported once since the account was dropped, and only one AD group since it was dropped. However, DMA saw the AD group as a new, distinct group instead of a refreshed, reincarnation of the original group. Being a distinct group, it had to be re-added as a Role in DMA and granted its permissions.