I am trying to create a transform that sets the deletion date of an identity 60 days in advance, but I can’t use the HR source as sometimes they back date users which could cause users to delete sooner than the 60 days so I am using the exact moment that SailPoint knows Active Directory is disabled as that bench mark. Is this possible to detect in a transform? I was thinking of using useraccountcontrol as that detection, but there are so many combinations that I don’t think this’ll work.
You can use the IIQDisabled flag or accountFlags Flag in your transform to check if AD account is enabled/disabled.
Please refer this older post for additional information on using these attributes : Lifecycle Transform issue - #4 by chirag_patel
2 Likes
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.