We have configured our ManageIQ instance to authenticate against Active Directory per the documentation.
I also believe I understand how ManageIQ Groups map to Active Directory groups.
My question is, should the ManageIQ users be automatically added to ManageIQ groups based upon this ManageIQ Group : Active Directory Group mapping?
In other words, if ADGroupA is mapped to ManageIQGroup1, and I have an AD user in ADGroupA, when this user logs in, will he/she automatically be in ManageIQGroup1?
If so, when does this happen? Upon first login? When the ManageIQ group is mapped/created? On a scheduled basis?
If not, am I correct in assuming the user will still need to be manually added to the ManageIQ group? Will ManageIQ NOT allow me to add the user if the corresponding AD User is not in the AD Group mapped to this ManageIQ group?
Any details on how this is supposed to work would be greatly appreciated.