I'm working on changing my authentication from IWA to LDAPS, as the user/group lookup happens via LDAP when you're using IWA.
The change is pretty much straight forward as I'd have to delete the IWA identity source and recreate it as LDAPS.
But I'm unsure of what will happen to my already configured roles.
I have a ton of roles configured to use AD groups.
Would these be removed, once i delete my IWA identity source? Or would they stay and continue to work after i recreate my identity source?
Has anyone else attempted this?
Hey, hope you are doing fine.
If you change from LDAP to LDAPS on the same domain the roles will not be touched since the SAM accounts do not change. (and as you know the roles are associated to the SAM accounts on AD)
When you remove the identity sources AD users will be unable to authenticate but once you add it back on LDAPS it will work back