Forum Discussion

RSKadish's avatar
RSKadish
Brass Contributor
Jul 12, 2024
Solved

Renamed PIM Group names not updating

I configured several Entra security groups with PIM a few months ago.  However, the groups names were always intended to be temporary.  This morning I renamed the groups.  On the PIM screens, the ori...
Identity Management
  • Vicky_bom3's avatar
    Vicky_bom3
    Jul 14, 2024

    Hello RSKadish 

     

    I did some research for your problem and as per my research I found couple of articles which did say that sync of group delete or changes dose take good amount of time.

     

    it is mentioned in ms document that if u delete a group linked with Pim then it takes around 24 hrs to sync that change in pim. https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/groups-discover-groups

    also one Reddit post user also mentioned that if u rename group which is linked to PIM, then PIM caches the same for long period of time. https://www.reddit.com/r/AZURE/comments/17g169q/pim_for_groups_still_showing_groups_that_have/

    And one more Microsoft community post user mentioned on 28 April 2021 that group name change or removal will take 24 hrs to sync- https://techcommunity.microsoft.com/t5/security-compliance-and-identity/remove-a-privileged-access-group/td-p/1719444

     

    so I would say the group name will be updated automatically but its gone a take at least 24 hrs and may be more as well. But it will update for sure.

     

    additionally I would say check The PIM configuration on PowerShell or Graph and see if it shows new group name or old.


    Thanks

    Vicky

frankfalvey's avatar
frankfalvey
MCT
Jul 14, 2024
Unfortunately, there's currently no direct way to force PIM to automatically update with the renamed Entra security group names. However, there are a couple of approaches you can take to fix the display in PIM:

1. Re-configure PIM Groups:

Remove Existing PIM Groups: This is the most straightforward approach but requires some additional work. Go to the PIM portal and remove the existing groups that are linked to the renamed Entra security groups.
Re-add Groups with Updated Names: Once removed, navigate to the Entra security console and locate the renamed security groups. In the PIM portal, re-configure the PIM access by selecting the newly named Entra security groups. This will ensure PIM displays the updated names.
2. Wait for Automatic Update (Potential):

While not guaranteed, there's a chance that PIM might eventually synchronize with the updated Entra security group names. This process can take some time, depending on your specific configuration. It's best to check with your Entra documentation or support to see if there's a known delay for group name updates in PIM.

Here are some additional points to consider:

Testing: If you choose to re-configure the PIM groups, make sure to test access for authorized users before removing any existing groups.
Documentation: Update your documentation to reflect the changes made to the Entra security group names and their corresponding PIM configurations.
If neither of these options seem ideal, it might be beneficial to reach out to Entra support for further guidance on potential solutions or workarounds specific to your environment. They might have additional insights or upcoming features that address this type of scenario.

Resources