Hello,
I created a new sponsor groupe with user member from AD.
and with the right to manage "only account sponsor has created"
The pb is they can see and manage all guest account.
I noticed that I have this pb only with AD user , not Internal users.
I noticed also, that if I remove all member from AD in the list, they still can login...!
However, they are not specify in any other sponsor group.
It is like the AD-User are automatically members of group "ALL_ACCOUNTS", even if thy are not configured in it.
I user ISE v2.7 patch2.
Michel Misonne