Hi
It depends.
If you are using Axon.ivy < 4.3 the users are deleted and then re-imported if the ldap names of the users have changed. This will also delete the role assignments. The ldap name is the full path of the user name inclusive all organisation units and domains. E.g. CN=Reto Weiss,OU=ivyTeam,OU=AXON IVY,DC=AXONIVY,DC=COM.
If you are using Axon.ivy >= 4.3 the users are only deleted and then re-imported if the ldap names of the users have changed and also the sAMAccountName of the user have changed. If only the ldap name has changed but the sAMAccountName is still the same the users are migrated to the new AD.
Attention: Not only the role assignments maybe lost but also the task assignments.
To be secure I suggest that you follow this procedure:
1. Make a backup of your system database before you change the AD settings in Axon.ivy Engine.
2. 3. Trigger a synchronization of the users by pressing the Synchronize button in AdminUI.
3. 4. Test if all users are still there and if the role assignments are still correct.
If you run into problems you can at least reset the AD settings and restore the database. Axon.ivy Support can help you find another solution for migrating your users to a new AD without loosing your data.
Reto Weiss
Axon.ivy Support
