AD Security groups not being used for policies / webfiltering??

[Mathiau]

So this is a mix between Directory Connector, Policy Manager and webfilter, i think..

i have Policy manager set up by department, each department has their own rack and webfilter configuration with the parent rack, Default rack, being used for everything else, firewall, spyware et cetera.

Now in my Active directory i have same set up, Ogranizational Units for each department, and then with in those the Users and also Security Groups

So for example i have
MyDomain / Workstations OU /
Customer Service OU
- CS (Security Group)
- Joe blow
- Mary Jane
- Elvis
- Tu Pac

Now, all of the users are in the CS security group, i use this to make life easier when adding GPO's to our domain and use the Security groups to add instead of having to add 20+ individual users to things for access.

In policy manager i am doing the option for

Users
the users you would like to apply this policy too

Now we had a new employee join the company and so i created his account under the Customer Service OU and added him as a member to the CS security group.

I was reviewing the reports and he was having full access to all sites, which it shouldnt since the Customer Service Policy / Rack is set to fairly restrictive.

Checking Directory Connector, it seems like it either isnt updating and adding the Security groups i have made and it only is including users?

Attached is the select user section from policy manager

those groups, dont show in my Directory connector list when i query the users.

[Mathiau]

thoughts?

[hlarsen]

do any security groups show up perhaps under other OUs?

[Mathiau]

just an update, i updated to 9.1, i scrapped all of my racks and redid them, just put in my first rack and policy and added only the AD OU to the users list and it is picking people up now!