Disabled AD Account gets Unlinked in IDN after Full AD Aggregation

Hi Team,

Below is the issue we are facing currently.

When an identity is aggregated from the auth source, AD accounts are created through the RBAC process.
When a user is terminated from HR, we are disabling the AD account and moving the account to the Disabled OU. After this, when we run a full AD account aggregation, the AD account gets unlinked from the identity. But if we run the AD full aggregation again, then it gets relinked to the identity. We have only one domain controller.

I have noticed that when the account is disabled, the role and entitlement get removed from the identity, and also if we run a single account aggregation we don't see the issue.

Any thoughts on the issue?

Thanks,
Rajesh

Hey @Rajesh_Thota1, is it the same query which you posted a few hours back?
AD Account gets Unliked from identity after AD full aggregation - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community
