SOLVED

Renamed PIM Group names not updating

Copper Contributor

I configured several Entra security groups with PIM a few months ago.  However, the groups names were always intended to be temporary.  This morning I renamed the groups.  On the PIM screens, the original names rename.  Does anyone know how I can fix this?

 

Thanks in advance for help!

4 Replies
Unfortunately, there's currently no direct way to force PIM to automatically update with the renamed Entra security group names. However, there are a couple of approaches you can take to fix the display in PIM:

1. Re-configure PIM Groups:

Remove Existing PIM Groups: This is the most straightforward approach but requires some additional work. Go to the PIM portal and remove the existing groups that are linked to the renamed Entra security groups.
Re-add Groups with Updated Names: Once removed, navigate to the Entra security console and locate the renamed security groups. In the PIM portal, re-configure the PIM access by selecting the newly named Entra security groups. This will ensure PIM displays the updated names.
2. Wait for Automatic Update (Potential):

While not guaranteed, there's a chance that PIM might eventually synchronize with the updated Entra security group names. This process can take some time, depending on your specific configuration. It's best to check with your Entra documentation or support to see if there's a known delay for group name updates in PIM.

Here are some additional points to consider:

Testing: If you choose to re-configure the PIM groups, make sure to test access for authorized users before removing any existing groups.
Documentation: Update your documentation to reflect the changes made to the Entra security group names and their corresponding PIM configurations.
If neither of these options seem ideal, it might be beneficial to reach out to Entra support for further guidance on potential solutions or workarounds specific to your environment. They might have additional insights or upcoming features that address this type of scenario.
best response confirmed by RSKadish (Copper Contributor)
Solution

Hello @RSKadish 

 

I did some research for your problem and as per my research I found couple of articles which did say that sync of group delete or changes dose take good amount of time.

 

it is mentioned in ms document that if u delete a group linked with Pim then it takes around 24 hrs to sync that change in pim. https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/groups-discover...

also one Reddit post user also mentioned that if u rename group which is linked to PIM, then PIM caches the same for long period of time. https://www.reddit.com/r/AZURE/comments/17g169q/pim_for_groups_still_showing_groups_that_have/

And one more Microsoft community post user mentioned on 28 April 2021 that group name change or removal will take 24 hrs to sync- https://techcommunity.microsoft.com/t5/security-compliance-and-identity/remove-a-privileged-access-g...

 

so I would say the group name will be updated automatically but its gone a take at least 24 hrs and may be more as well. But it will update for sure.

 

additionally I would say check The PIM configuration on PowerShell or Graph and see if it shows new group name or old.


Thanks

Vicky

@Vicky_bom3 Thank you very much!  I'm pleased to let you know that when I came in this morning after the weekend, the groups on the PIM page were updated.

 

Thanks for marking my response as Answer and thanks for confirmation from your side.

Thanks
Vicky
1 best response

Accepted Solutions
best response confirmed by RSKadish (Copper Contributor)
Solution

Hello @RSKadish 

 

I did some research for your problem and as per my research I found couple of articles which did say that sync of group delete or changes dose take good amount of time.

 

it is mentioned in ms document that if u delete a group linked with Pim then it takes around 24 hrs to sync that change in pim. https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/groups-discover...

also one Reddit post user also mentioned that if u rename group which is linked to PIM, then PIM caches the same for long period of time. https://www.reddit.com/r/AZURE/comments/17g169q/pim_for_groups_still_showing_groups_that_have/

And one more Microsoft community post user mentioned on 28 April 2021 that group name change or removal will take 24 hrs to sync- https://techcommunity.microsoft.com/t5/security-compliance-and-identity/remove-a-privileged-access-g...

 

so I would say the group name will be updated automatically but its gone a take at least 24 hrs and may be more as well. But it will update for sure.

 

additionally I would say check The PIM configuration on PowerShell or Graph and see if it shows new group name or old.


Thanks

Vicky

View solution in original post