Sep 03 2021 03:00 AM
Hello,
I have I question how this scenario is handled.
User A was granted access to a document. After a while User A leaves the company and his account is deleted.
After a while User B start to work in the company, in a different role. But he has the identical name (from User A) and so he gets the identical Azure AD ProxyAddresses attribute and Azure AD UserPrincipalName.
What will happen when User B tries to open (read) the document.
Can he read the document because he has the “identical” attributes, or does AIP recognize (hopefully) that he is a different user?
If AIP recognize these accidental doubles and prohibited unwanted access, what are the technical details? User Object ID or something else?
Or do we need to deal with this problem on an organization level?
Sep 03 2021 03:52 AM
Sep 03 2021 03:58 AM