The attached sample adapter could be used as a starting point for implementing a process such as the following with FlexNet On-Premises:
Arrange to export relevant AD group membership information to a CSV file named C:\Temp\ADOperatorRoles.csv. This file should have the following columns: Member, Name, Mail, RoleName (see the details in the adapter to understand which fields in FlexNet these columns map to).
Run the adapter to import the role membership information from the CSV file.
(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)
On related note.. what is the good way to automatically remove operator access?
From what I know there is sp GroupExDeleteGroupMembership that should do it. Anyone used it before in such scenario?
I am already doing some automation for Named User licenses, based on AD groups. There it's safe to remove allocations, directly for allocations table with Custom SQL, but Operator is slightly more complicated.
You could just go and disable the operator in the ComplianceOperator table by setting the "IsEnabled" flag to "0".
Or, if you want to completely remove them, you could use the stored procedures
ComplianceOperatorRemoveByID
ComplianceOperatorRemoveBatch
Because you are referring to group memberships, if you plan to change the operator scope/restriction, keep in mind that removing all business units / locations / cost centers will result in global access.
Best regards,
Markward
Softline Group is Europe's leading independent expert in Software Asset Management.
Another option would the implementation of Single Sign-on with SAML. This way you can grant access via the Identity Provider on group level. (only if your IP supports authentication on group level)
More information about SAML can be found on the FNMSSystemReference.pdf.
