Digging around in the various docs I've found I can't seem to find an answer to this question so I'll ask here..
I'm curious if there is a limit on the number of AD groups per user that the Agent can handle? I'm worried we might run into some limitation cause our group situation is really out of control with no fix in sight..
There is no known limit for the number of groups a user can belong to. However, if the user belongs to multiple groups and they are each referenced in the same policy etc. the user will be pulled from the first group the system finds them in. Read top down
There may be delay issues when reading multiple groups or multi tiered/ nested groups because the responss are expected within a certain amount of time - though in principal there is no limit to the number of groups a user may belong to
repeating what sjamaluddin stated there is no known limit for the number of groups a user can belong to.
Here is a paltform capacity for User ID Agent
Maximum number of pan-agents per platform: 100
Maximum number of groups that can be defined in policies per vsys: 640
If you need additonal informaiton please contact support or local SE for additional information.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!