Decommission an Logiplex application

Which IIQ version are you inquiring about?

8.X

Share all details about your problem, including any error messages you may have received.

We are having a logiplex application based on ADLDS group membership. Now we wanted to decommission few applications. What should be the best approach to do the same.

On a high level, I know the process to decommission application, But still wants your advise/alternatives -

1. Remove all the entitlement either by running the aggregation (adding filter so that it returns zero data) or delete from backend
2. Remove all the Accounts either by running the aggregation (adding filter so that it returns zero data) or delete from backend
3. Above may require detect deleted as true in aggregation task.
4. Remove Aggregation task if added as any sequential task ( both for entitlement and account aggregation)
5. check if any bundle is created and need to be disabled it may impact the existing users and can trigger removal
6. Remove the connection details
7. Enable Maintenance Mode for application .

Also, here on step 1 - we are unable to filter out that group from parent Group aggregation, because ADLDS doesn’t support filtering based on distinguished Name attribute.
Filter, I tried was (&(objectClass=group)(!(distinguishedName=*OU=App_OU,DC=acme,DC=local*)))

hi @officialamitguptaa

You’re on the right track with your decommissioning steps.

Just a few quick notes:

• Since ADLDS doesn’t support filtering on distinguishedName, consider using a custom attribute for filtering or handle exclusions via a post-processing rule or connector customization.
• Make sure to enable “Detect Deleted” during cleanup aggregations.
• After removing entitlements/accounts, clean up any bundles, aggregation tasks, and connection configs.
• Maintenance mode is a good interim step during the process.