owms4 (owms4) asked a question.
Group Rule is not Matching some users even though they have the same attribute
Use case:
I have two users, John Doe and Bob Smith.
Both users have an AD attribute called "extLocation" which is a String type.
John Doe's attribute says: extLocation: ""Fulltime-Remote""
Bob Smith's attribute says: extLocation: ""Parttime-Remote""
I can confirm that this attribute is showing up in both users profiles.
I created a Group Rule that says:
"IF user.extLocation contains "Remote"
"THEN Assign to the group "Remote_Workers_Group"
Problem:
The rule only applied to Bob Smith's and Not John Doe, even though they both have the matching term "Remote" in the attribute value.
How can this be resolved?
Thank you in advance
Hi @owms4 (owms4) , Thank you for reaching out to the Okta Community!
I've just tested the following configuration and it worked for me.
And using the Okta Custom Expression Language, it should look like this:
My recommendation would be to check for any spelling mistakes or empty spaces, and depending on the number of users being evaluated, the process might take a few minutes.
Another thing to consider is if the affected haven't perhaps been manually removed from the group for some reason at some point, which then added them to the Exception list.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope it helps!