It would be valuable to have a better process to handle orphan objects at scale in real time. When a contact goes missing, contacting alternate contact to name a replacement contact. When both contacts go missing, then holding an election with members who are managers to name an owner. When there are no managers in members, asking 1st 25 members who they think should be a manager. When no manager is elected, notify/assign task to operations team for investigation. This is our biggest problem for audit, and compliance. An automated solution would be a massive value to keeping things tidy.
Good Morning, David,
Thank you for engaging with the Netwrix Community!
Have you had a chance to explore the Orphan Group Update Schedule feature in Directory Manager? It’s a powerful capability designed automatically assign a primary owner to orphaned groups. To work, the orphan group must already have at least one additional owner. During the scheduled run, the system promotes the first additional owner in the list (user, contact, or security group) to primary owner and sends them a notification.
1 Like
Yes I was made aware. The point to my suggestion was what happens to an orphan group with no owner? If a group has 1/2 owners then it isn’t orphaned yet. We have many groups with no owner, or both left at same time, etc. Having a 2nd feature where an election could be held would be extremely useful.