Set Permissions action not resolving deleted AD accounts

  • 20 April 2016
  • 3 replies
  • 8 views
R
Badge +1

Hi everyone,

I have a workflow that includes a "set permission" action which changes the permission of the person who filled out a form. The username is picked up from the "Created By" field. I use this system generated field rather than a people picker field on the form, because it guarantees that it's the same user which submitted the form.

There's a scenario where the following occurs:

1. An employee fills out the form

2. The employee leaves the company

3. The AD account is deleted

4. The workflow reaches the "set permission" after point 3 above

5. The workflow tries to set permission on an AD user that does not exist, so it errors out.

Is this a bug in Nintex workflows or is that normal behaviour for it? I've tried this on Workflows 2013 and Workflows 2007 with the same issue.

Shouldn't the set permissions task skip an AD user account if it can't resolve it?

I've been advised that:

a. I must use the "Created By" field

b. The AD accounts on ex-employees must be deleted.

Any help would be most appreciated. Thanks.

3 replies

E
Userlevel 5
Badge +14

I would say this is rather sharepoint 'feature' then nintex one. you neither can manually update/change permissions for an account that can not be resolved against AD.

if it's a real issue for you use LDAP query action to check existence of an account first and just then decide how to set item permission (it's good chance to make a clean and remove the account from access list)

E
Userlevel 5
Badge +14

Hi Rami D‌,

were you able to resolve your issue?

if so, could you post how did you finally approach and mark respective answer correct?

w

R
Badge +1

Thanks Marian and for everyone's feedback.

We ended up temporarily using another field rather than the Created By field. The LDAP check will be the permanent solution as you recommended. 

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings