Account with ID does not exist error while disabling account via JDBC connector

IdentityIQ (IIQ) IIQ Discussion and Questions
,
1

Hi Team,

I am facing an issue while trying to disable an account from the Manage Accounts section in SailPoint IdentityIQ using a JDBC-based Oracle application.

Error:

Not a valid parameter: Account with ID <ID> does not exist

Context:

  • Application Type: JDBC (Oracle)

  • Operation: Disable Account via Manage Accounts

  • Account is successfully created in Oracle (e.g., A6719)

  • Aggregation and Identity Refresh have been executed

  • Account is visible in SailPoint

Observed Behavior:

  • While disabling the account, the above error is thrown

  • On checking the Link object, it is created as:

<Link displayName="A6719" identity="A6719">
  • Instead of linking to the actual identity (e.g., Betty Young), the identity field is set to the account name itself

Correlation Setup:

  • Attribute-based correlation:

    • Application Attribute: EMPLOYEE_NUMBER

    • Identity Attribute: employee_number

  • Correlation Rule (currently configured):

import java.util.HashMap;
import java.util.Map;

Map map = new HashMap();
map.put("employee_number", account.getAttribute("employee_number"));
return map;

Expected Behavior:

  • Account should be correctly correlated to the identity (e.g., Betty Young)

  • Link object should have:

  • Disable operation should succeed

What has been tried:

  • Full aggregation and identity refresh multiple times

  • Verified schema (USERNAME as identityAttribute)

  • Checked account exists in Oracle and is OPEN

  • Removed and recreated links

    Could you please help identify:

    1. Why the Link is getting created with identity = account name instead of actual identity?

    2. Why the disable operation is failing with “Account with ID does not exist”?

    Any guidance would be appreciated.

    Thanks!

    identity = <actual identity name>

    Screenshot 2026-04-28 160659
    Screenshot 2026-04-28 160659800Ă—198 8.47 KB

2

Hello @Viraj,

Before trying to disable the account, we first need to fix the correlation issue.

Right now, your accounts are not properly correlated to the identity, which is why the Link is showing identity = account name. Because of this, IdentityIQ cannot find the correct account during disable, leading to the error “Account with ID does not exist”.

Since you are already using employee_number for correlation, it’s better to configure this directly in correlation config instead of using a rule.

Steps to fix:

  1. Fix correlation using:

    • Application attribute: EMPLOYEE_NUMBER
    • Identity attribute: employee_number

  2. Run full aggregation and identity refresh again

  3. Run Prune Identity task to remove old/unlinked accounts

  4. Make sure the Link is correctly mapped to the actual identity (e.g., Betty Young)

After correlation is correct, the disable operation should work.

Also, if you want to control disable behavior (like status update in DB), check if you have a BuildMap rule. If not, you may need to implement one based on how your JDBC application handles disable.

Thanks!

3

I did what u said removed the correlation rule and then tried account correlation along with other steps u mentioned

it didn’t

work also its like username has a Q prefix after the EMPLOYEE NUMBER as u can see in the image

image
image800Ă—297 76 KB

image
image1375Ă—132 4.08 KB

4

Hi @Viraj Attribute based configuration works only when your identity attribute and account attribute have the exact same value. In your case, Account Attribute is appended with a Q so it is not going to work.

If you have any other attribute in account schema, which can be mapped with identity attribute, you can add these to your correlation config as well. If it doesn’t work, then you need to write a correlation rule, where you can take a substring after Q and return the map to correlate using the employee number.

Please give it a try and let us know if you need any further help.

Note: Found a fix?Help the community by marking the comment as solution. Feel free to react(:heart:,:+1:, etc.)with an emoji to show your appreciation or message me directly if your problem requires a deeper dive.

5

Hello @Viraj,

If the values match exactly, you can use simple correlation config (no rule needed).
For example:

  • Account: 1001
  • Identity: 1001

But in your case:

  • Account: 1001
  • Identity: Q1001

Since they don’t match, correlation will fail. So you need to use a rule to align the values.

For example, you can add prefix in rule:

String emp = account.getAttribute("employee_number");

if (emp != null) {
    emp = "Q" + emp;
}

Map map = new HashMap();
map.put("employee_number", emp);
return map;

Once values match, correlation will work correctly.

Thanks!

6

image
image629Ă—511 64.3 KB
import java.util.Map;
import java.util.HashMap;

Map returnMap = new HashMap();

try {
String emp = (String) account.getAttribute(“EMPLOYEE_NUMBER”);
log.error("Correlation Rule: Original EMPLOYEE_NUMBER = " + emp);

if (emp != null && emp.trim().length() > 0) {
    emp = "Q" + emp.trim();
    log.error("Correlation Rule: Modified employee_number = " + emp);



    returnMap.put("emp_id", emp);
    // ya agar identity attribute ka actual name employee_number hai:
    // returnMap.put("employee_number", emp);
} else {
    log.error("Correlation Rule: EMPLOYEE_NUMBER is NULL or empty");
}

} catch (Exception e) {
log.error("Correlation Rule ERROR: " + e.getMessage(), e);
}

return returnMap;

But still getting error

7

could you please share the logs from the server what exactly it is saying?

8

@Viraj try returning like this: returnMap.put("“identityName”, emp);

Also what is the error? Screenshots shows logs from your try block only so it looks good.

9

hi @Viraj

Is issue still persisting ?

10

Looks like correlation mismatch is the issue:

Account attribute (USERNAME) has a prefix/suffix, not matching identity attribute, because of this mismatch, SailPoint is linking incorrectly (identity = account_name)

During disable, it uses wrong nativeIdentity hence "Account with ID does not exist"

Checking Areas

  • Validate which attribute is actually used for correlation
  • If USERNAME = Q12345 and identity = 12345, mismatch will happen
  • Fix correlation logic:
  • Either map correct attribute directly
  • Or normalize value in rule (remove prefix/suffix before matching)
  • Clean existing incorrect links
  • Delete links
  • Run aggregation
  • Run identity refresh

Verify nativeIdentity is consistent with account ID used in provisioning

Try this once

Map tempMap = new HashMap();

 try {
    String username = (String) account.getAttribute("USERNAME");

     if (username != null) {

       // regex for removing non-numeric data

        username = username.replaceAll("^[^0-9]+", "");
    }

    tempMap.put("employee_number", username);

} catch (Exception e) {

    log.error("Correlation Rule Error: " + e.getMessage());

}

return tempMap;
11

Hi @Viraj ,

The identity in link will get populated based on the identity attribute mentioned in the application schema and not the identity it got correlated to.