Some Agents Get Demoted to End Users

1 Comments

  • Dan Cooper
    Comment actions Permalink

    I can't speak to Azure AD sync, but I ran into a similar scenario recently with another identity provider.  We had rules established that would grant agent permissions based on employee metadata, but if that employee was promoted or changed roles - they would no longer meet those conditions and would have their access revoked and they'd fall back to our end user role.  I'm not sure what you can configure in Azure, but it might be worth checking to see if there are any rules or automated processes that might be kicking in that are disqualifying your agents from being agents and pulling their access.  If they are still in an agent group in Azure, it might be worth checking to see if they are in a second group that might be overriding that permission with an end user role as well.  We have users setup with a back up end user role, and it took a bit to make sure they didn't get set to end user over their main role.

    0

Please sign in to leave a comment.

Powered by Zendesk