Please be sure you’ve read the docs and API specs before asking for help. Also, please be sure you’ve searched the forum for your answer before you create a new topic.

Hello Team,

I am facing below error, while performing disable operation in Active directory.

UseCase:

if identities have same email address and using same Active Directory account.

If any identity gets inactive in ISC , so the rule check other identities are active or not , if any identity active, the rule must stop disabling account.

Issue:
We have implemented beforeprovisioning rule to perform disable account, when we test the case, encountering an below error.

Screenshot 2026-01-06 at 8.27.57 PM986×650 62.5 KB

Can you share the rule? Did this rule come from IIQ or modified from an IIQ based rule?

Has this rule worked in any other environment?

@Prasad_muchanapally is this identical issue as being discussed in Disable account getting failed using beforeprovisioning rule - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community ? Could you give it a look, as there are more details provided already.

Hi Prasad,

refer below post for your reference on the same error.

The issue is a ClassCastException caused by using sailpoint.object.Identity instead of sailpoint.rule.Identity in cloud rules. The sailpoint.rule.Identity class doesn’t have getAttribute() method—use getLifecycleState() directly:

for (sailpoint.rule.Identity idVal : identities) {
    String searchidnlifecycleState = idVal.getLifecycleState() != null 
        ? idVal.getLifecycleState() : "";
    if ("active".equalsIgnoreCase(searchidnlifecycleState)) {
        isAnyIdentityActive = true;
        break;
    }
}

This resolves the casting error when iterating over identities returned by findIdentitiesBySearchableIdentityAttribute().

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.