Hello Experts,
if the user is already in “active” state does enabling the active state in lifecycle provisioning in the Identity Profile add the all the access profiles added in there to the existing identities? we do not want the existing active users to get the access profile, we only want the new users in active state to get the access profile. is there anyway to ensure that?
You can’t restrict like that, all active (existing & new) users will be impacted unless you use one more active state in your Identity Profile.
Does that mean once we enable it every identity in active state will get the access profile? Also, if we enable the lifecycle state without the access profile but then after the refresh add it? Will that also result in the same scenario
Hi Aishwarya,
Result would still be the same. Recalculation of users’ lifecycle states and the corresponding provisioning actions occurs during event-driven and scheduled identity processing.
Settings for previous account is mainly to decide whether to enable/disable account or maintain the same status
Hello Aishwarya,
Following link might help:
Hey @MVKR7T , just one more question. If we move from pre hire to active lifecycle state but the provisioning on the active lifecycle state is disabled. Will it still try to deprovision users from the access profile it got added to during the prehire state?
When you move from one LCS to another
- It has to remove the AP from old LCS
- It has to provision AP in new LCS, new LCS will be applicable only if it is enabled.
Hope I answered your question 
1 Like