AD Provisioning Error - Incorrect DN referenced

Here’s my interpretation/educated guess based on various things I’ve read and conversations I’ve had:
SailPoint is in the process of migrating the AD connector to use the objectGUID or some other similarly immutable ID as the account ID instead of distinguishedName. This issue was reported and, according to this post, "Issues with Active Directory Connector - #13 by cstepp", it is caused by a feature flag.

With those two pieces of information in mind, I’m jumping to the conclusion that there is a process in place to translate the objectGUID to the DN somewhere and that translation gets broken when an account’s DN changes (i.e. in an account move or rename). By removing the PREFER_UUID flag it reverts to using the actual DN as the key.
