We’ve configured our Acumatica instance to use Microsoft Entra SSO. It works well, except when there are nested group assignments in our Active Directory groups. How do I get Acumatica to recursively find users assigned to a group. Here is a scenario:
User: Billy
Billy’s Direct Group Membership:
grpBranch1
grpFieldLevelAudit
Billy’s Nested Group Membership:
grpInternalUser is a member of grpBranch1
Acumatica Linked Active Directory Role Assignments:
Branch1 linked to grpBranch1
Field-Level Audit linked to grpFieldLevelAudit
Internal User linked to grpInternalUser
When Billy logs in, he only gets these role assignments:
Branch1
Field-Level Audit
However, even though Billy is a member of grpInternalUser through group nesting, he doesn’t get the Acumatica Role: Internal User.
I can confirm that the nested group assignment works with the on-premises Active Directory nested group membership. How can I get it to work when Acumatica uses Microsoft Graph?
