When a group is created in Active Directory, it does not automatically appear in the policy groups list. At least one user that is assigned to the group must successfully authenticate using PingID for the groups list to be updated.
To ensure Active Directory groups are populated in the policy groups list, configure your system so that all user groups that appear in your directory are included in a PingOne single sign-on (SSO) assertion or PingID authentication, such as using the PingID Adapter attribute mapping. For more details, see Registering the PingID service.
For an organizational user group to appear in the policy groups list, update the policy groups list.
- Create a new user group in your local Active Directory.
Assign users to the directory group.
At least one user must be assigned to the group.
- Ensure at least one of the users in the new group authenticates with PingID successfully or through SSO to PingOne.
In the PingOne admin portal, go to Policy window.
. Refresh the The next time you create or edit a policy, the new group appears in the Groups list.