As we are all aware, in the Application Owner Certification, when we revoke the account, the account will be deleted in the native application.
But if you have a requirement that you want to disable the account instead of delete it, then you can try with the entry called (<ProvisioningConfig deleteToDisable=“true”/) in the application (by adding it to the application from the Debug page). But that may create an issue with the default behavior of deleting accounts (in Manage Accounts).
So for that, without disturbing the OOTB functionality of Manage Accounts (Delete), what we can do is write a simple code in the before-provisioning rule of the application that checks if the request (Source) is a Certification, Delete request and then disables the account instead of deleting it. Here is the code for that.
Code:
String userId = "";
List accRequests = plan.getAccountRequests( application.getName() );
for ( AccountRequest accReq : accRequests )
{
if(accReq.getOp() == ObjectOperation.Delete && null != plan.getSource() && plan.getSource().equals("Certification") && null != accReq.getNativeIdentity() )
{
plan.remove(accReq);
userId = accReq.getNativeIdentity();
AccountRequest disableActReq = new AccountRequest();
disableActReq.setOperation(AccountRequest.Operation.Disable);
disableActReq.setApplication("AppName");
disableActReq.setNativeIdentity(userId);
log.error("Added the account request for disable: ");
plan.add(disableActReq);
}
}