The PI AF Link went out of sync. After resynching, it seems like the process created some AF identities that do not seem to be used in the AF database security. Are these AF identities created for a reason?

I would like to resume this topic.

Doing a security audit of one of our PI AF Servers, found 16 !! identities with this format, (one created for each identity account and active directory group) with the corresponding mappings to similar accounts and active directory groups.

Security screen is weird, and worst, I believe these are not used at all, just adding confusion to an administrator.

Do you think I can just DELETE all these PIAFLINK%server... identities+mappings without risk ?

SteveBoyko​ maybe you have a good answer already?

Many thanks!

Josep

I would like to resume this topic.

Doing a security audit of one of our PI AF Servers, found 16 !! identities with this format, (one created for each identity account and active directory group) with the corresponding mappings to similar accounts and active directory groups.

Security screen is weird, and worst, I believe these are not used at all, just adding confusion to an administrator.

Do you think I can just DELETE all these PIAFLINK%server... identities+mappings without risk ?

SteveBoyko​ maybe you have a good answer already?

Many thanks!

Josep

In the past, i deleted unused identities like this without problem, but they just get recreated after a while.